{"id":51276661,"url":"https://github.com/sangaryousmane/full_stack_auth_react-spring-backend","last_synced_at":"2026-06-29T21:03:34.452Z","repository":{"id":359182864,"uuid":"1244907800","full_name":"sangaryousmane/full_stack_auth_react-spring-backend","owner":"sangaryousmane","description":"A full stack user authentication app using Spring-Boot and React JS","archived":false,"fork":false,"pushed_at":"2026-06-27T08:33:36.000Z","size":60,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"master","last_synced_at":"2026-06-27T10:05:10.274Z","etag":null,"topics":["authentication","axios","enterprise-architecture","full-stack","postgresql","reactjs","rest-api","spring-boot","spring-security-jwt"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sangaryousmane.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-05-20T18:06:43.000Z","updated_at":"2026-06-27T08:33:40.000Z","dependencies_parsed_at":"2026-05-21T00:00:33.130Z","dependency_job_id":null,"html_url":"https://github.com/sangaryousmane/full_stack_auth_react-spring-backend","commit_stats":null,"previous_names":["sangaryousmane/full_stack_auth_system","sangaryousmane/full_stack_auth_react-spring-backend"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/sangaryousmane/full_stack_auth_react-spring-backend","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sangaryousmane%2Ffull_stack_auth_react-spring-backend","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sangaryousmane%2Ffull_stack_auth_react-spring-backend/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sangaryousmane%2Ffull_stack_auth_react-spring-backend/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sangaryousmane%2Ffull_stack_auth_react-spring-backend/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sangaryousmane","download_url":"https://codeload.github.com/sangaryousmane/full_stack_auth_react-spring-backend/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sangaryousmane%2Ffull_stack_auth_react-spring-backend/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34942665,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-29T02:00:05.398Z","response_time":58,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","axios","enterprise-architecture","full-stack","postgresql","reactjs","rest-api","spring-boot","spring-security-jwt"],"created_at":"2026-06-29T21:03:33.417Z","updated_at":"2026-06-29T21:03:34.446Z","avatar_url":"https://github.com/sangaryousmane.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Full Stack Authentication System\n\nA modern full-stack authentication system built with Spring Boot for the backend and React.js for the frontend.\n\nThis project demonstrates a secure authentication workflow using JWT (JSON Web Tokens), role-based authorization, protected routes, and RESTful API communication between the frontend and backend.\n\n---\n\n# Features\n\n## Backend (Spring Boot)\n\n* Spring Security integration\n* JWT authentication and authorization\n* User registration and login\n* Password encryption using BCrypt\n* Role-based access control (RBAC)\n* REST API architecture\n* CORS configuration\n* Exception handling\n* PostgreSQL database support\n* Maven project structure\n\n## Frontend (React)\n\n* React functional components\n* Authentication state management\n* Protected routes\n* Login and registration pages\n* Axios API integration\n* Local storage token management\n* Responsive UI\n\n---\n\n# Tech Stack\n## Backend\n\n* Java\n* Spring Boot\n* Spring Security\n* JWT\n* Hibernate / JPA\n* Maven\n* MySQL or PostgreSQL\n\n## Frontend\n\n* React.js\n* Axios\n* React Router\n* Tailwind CSS / CSS\n\n---\n\n# Project Structure\n\n```bash\nfull_stack_auth_system/\n│\n├── backend/\n│   ├── src/\n│   ├── pom.xml\n│   └── application.properties\n│\n├── frontend/\n│   ├── src/\n│   ├── package.json\n│   └── public/\n│\n├── .gitignore\n└── README.md\n```\n\n---\n\n# Installation and Setup\n\n## 1. Clone the Repository\n\n```bash\ngit clone https://github.com/sangaryousmane/full_stack_auth_system.git\ncd full_stack_auth_system\n```\n\n---\n\n# Backend Setup\n\n## Run Backend\n\n```bash\nmvn spring-boot:run\n```\n\nBackend runs on:\n\n```text\nhttp://localhost:8080\n```\n\n---\n\n# Frontend Setup\n\n## Navigate to Frontend\n\n```bash\ncd frontend\n```\n\n## Install Dependencies\n\n```bash\nnpm install\n```\n\n## Start Frontend\n\n```bash\nnpm start\n```\n\nFrontend runs on:\n\n```text\nhttp://localhost:3000\n```\n\n---\n\n# API Endpoints\n\nAetherERP Authentication API Documentation\nBase URL\n```text\nhttp://localhost:8080\n```\nThis document explains the available authentication and profile endpoints and how to test them using Postman.\n---\n1. Register User\n   Endpoint\n```http\nPOST /register\n```\nRequest\n```json\n{\n  \"name\": \"Ousmane Sangary\",\n  \"email\": \"ousmane@gmail.com\",\n  \"password\": \"password123\"\n}\n```\nResponse\n```json\n{\n  \"userId\": \"generated-uuid\",\n  \"name\": \"Ousmane Sangary\",\n  \"email\": \"ousmane@gmail.com\",\n  \"isAccountVerified\": false\n}\n```\nWhat happens:\n- Validates request\n- Encrypts password\n- Stores user\n- Sends welcome email\n---\n2. Login\n   Endpoint\n```http\nPOST /login\n```\nRequest\n```json\n{\n  \"email\": \"ousmane@gmail.com\",\n  \"password\": \"password123\"\n}\n```\nResponse\n```json\n{\n  \"email\": \"ousmane@gmail.com\",\n  \"token\": \"JWT_TOKEN\"\n}\n```\nWhat happens:\n- Authenticate user\n- Load user details\n- Generate JWT\n- Set HTTP-only cookie\n- Return JWT token\n---\n3. Get Profile\n   Endpoint\n```http\nGET /profile\n```\nAuthorization\n```http\nAuthorization: Bearer JWT_TOKEN\n```\nResponse\n```json\n{\n  \"userId\": \"generated-uuid\",\n  \"name\": \"Ousmane Sangary\",\n  \"email\": \"ousmane@gmail.com\",\n  \"isAccountVerified\": false\n}\n```\n---\n4. Check Authentication\n   Endpoint\n```http\nGET /is-authenticated\n```\nResponse\n```json\ntrue\n```\n---\n5. Send Reset OTP\n   Endpoint\n```http\nPOST /send-reset-otp?email=user@gmail.com\n```\nNo request body.\n\nWhat happens:\n- Generate OTP\n- Save OTP\n- Save expiration time\n- Send email\n---\n6. Reset Password\n   Endpoint\n```http\nPOST /reset-password\n```\nRequest\n```json\n{\n  \"email\": \"ousmane@gmail.com\",\n  \"otp\": \"482913\",\n  \"newPassword\": \"newpassword123\"\n}\n```\nWhat happens:\n- Validate OTP \n- Verify expiration \n- Encrypt new password \n- Update account\n---\n7. Send Verification OTP\n   Endpoint\n```http\nPOST /send-otp\n```\nAuthorization\n```http\nAuthorization: Bearer JWT_TOKEN\n```\nWhat happens:\n- Generate verification OTP \n- Store OTP \n- Send email\n---\n8. Verify Email\n   Endpoint\n```http\nPOST /verify-otp\n```\nRequest\n```json\n{\n  \"otp\": \"981236\"\n}\n```\nWhat happens:\n- Validate OTP \n- Verify expiration \n- Activate account\n---\n9. Test Endpoint\n   Endpoint\n```http\nGET /test\n```\nResponse\n```text\nAuth is working\n```\n---\nPostman Testing Flow \n1. Register \n2. Login \n3. Copy JWT and Add Bearer Token \n4. Test `/profile`\n5. Test `/is-authenticated`\n6. Send OTP \n7. Verify OTP \n8. Reset password\n---\n\n## Endpoint Summary\n\n| Method | Endpoint | Auth Required |\n|---------|----------|---------------|\n| POST | /register | No |\n| POST | /login | No |\n| GET | /profile | Yes |\n| GET | /is-authenticated | Yes |\n| POST | /send-reset-otp | No |\n| POST | /reset-password | No |\n| POST | /send-otp | Yes |\n| POST | /verify-otp | Yes |\n| GET | /test | Yes |\n\n---\n\n# JWT Authentication Flow\n\n1. User registers or logs in.\n2. Backend validates credentials.\n3. JWT token is generated.\n4. Frontend stores token.\n5. Token is sent in Authorization header.\n6. Backend validates token before granting access.\n\n---\n\n# Environment Variables\n\nExample frontend `.env`:\n\n```env\nREACT_APP_API_URL=http://localhost:8080/api\n```\n\n---\n\n# Hide Files Starting With '.'\n\nFiles starting with `.` are hidden files in Linux/macOS and Git projects.\nExamples:\n\n```text\n.gitignore\n.env\n.idea\n.vscode\n```\n\n## To Ignore Them in Git\n\nUse `.gitignore`:\n\n```gitignore\n.env\n.idea/\n.vscode/\nnode_modules/\ntarget/\n```\n\n## To View Hidden Files\n\n### Windows\n\n* Open File Explorer\n* Click \"View\"\n* Enable \"Hidden Items\"\n\n### Linux/macOS\n\n```bash\nls -la\n```\n\n---\n\n# Recommended .gitignore\n\n```gitignore\n# Node\nnode_modules/\n\n# React\nbuild/\n\n# Java\n*.class\n*.jar\ntarget/\n\n# IDE\n.idea/\n.vscode/\n\n# Environment\n.env\n\n# OS Files\n.DS_Store\nThumbs.db\n```\n\n---\n\n# Security Notes\n\n* Never commit `.env` files.\n* Never expose JWT secret keys.\n* Use HTTPS in production.\n* Store passwords using BCrypt.\n* Configure proper CORS policies.\n\n---\n\n# Future Improvements\n\n* Refresh token implementation\n* OAuth2 login\n* Email verification\n* Password reset feature\n* Docker deployment\n* CI/CD pipeline\n* Redis session management\n\n---\n\n# Author\n\nCreated by Ousmane Sangary.\n\nGitHub Repository:\n\n[https://github.com/sangaryousmane/full_stack_auth_system](https://github.com/sangaryousmane/full_stack_auth_system)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsangaryousmane%2Ffull_stack_auth_react-spring-backend","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsangaryousmane%2Ffull_stack_auth_react-spring-backend","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsangaryousmane%2Ffull_stack_auth_react-spring-backend/lists"}