{"id":21349527,"url":"https://github.com/simranshaikh20/bank-management-system","last_synced_at":"2025-03-16T04:24:57.713Z","repository":{"id":257968985,"uuid":"871570558","full_name":"SimranShaikh20/Bank-Management-System","owner":"SimranShaikh20","description":"Bank Management System using Password Protection","archived":false,"fork":false,"pushed_at":"2024-10-21T13:36:16.000Z","size":237,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-01-22T17:09:57.155Z","etag":null,"topics":["java","jdbc-database"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/SimranShaikh20.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-10-12T10:30:42.000Z","updated_at":"2025-01-11T17:42:57.000Z","dependencies_parsed_at":"2024-10-17T06:11:53.546Z","dependency_job_id":null,"html_url":"https://github.com/SimranShaikh20/Bank-Management-System","commit_stats":null,"previous_names":["simranshaikh20/bank-management-system"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SimranShaikh20%2FBank-Management-System","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SimranShaikh20%2FBank-Management-System/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SimranShaikh20%2FBank-Management-System/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SimranShaikh20%2FBank-Management-System/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/SimranShaikh20","download_url":"https://codeload.github.com/SimranShaikh20/Bank-Management-System/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243824889,"owners_count":20353964,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["java","jdbc-database"],"created_at":"2024-11-22T02:46:57.396Z","updated_at":"2025-03-16T04:24:57.691Z","avatar_url":"https://github.com/SimranShaikh20.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Bank Management System using Password Protection\n\nThe banking system manages user registrations, logins, and account operations (credit, debit, transfer, balance check). The backend uses Java, JDBC for database connectivity, and a MySQL database. It handles secure password management, account creation, and ensures transactional integrity for money operations.\n\n## 1. User Class\nThe **User** class manages user registration and login processes. It interacts with the database to securely store user information.\n\n### Key Methods:\n- **register()**: Prompts the user for full name, email, and password.\n    - Checks if the user already exists in the database.\n    - Hashes the password using PBKDF2WithHmacSHA1 with a random salt.\n    - Inserts the user details into the database securely with a salted hash.\n    - _Security Enhancement_: Add email validation to prevent malformed input.\n  \n- **login()**: Prompts the user for email and password.\n    - Fetches the stored hashed password from the database.\n    - Verifies the entered password by comparing the hashed values.\n    - Returns the user's email if the login is successful; otherwise, an error message is displayed.\n    - _Tip_: Implement a rate limiter to prevent brute force attacks on login attempts.\n\n- **user_exist(String email)**: Checks if a user already exists in the database for the provided email.\n\n- **hashPassword(String password)**: Generates a hash of the given password using PBKDF2WithHmacSHA1 with a random salt.\n    - Returns the salt and hash concatenated into a single string for secure storage.\n    - _Best Practice_: Use a high number of iterations (e.g., 100,000) for better security.\n\n- **verifyPassword(String password, String storedHash)**: Verifies the entered password by hashing it with the same salt used during registration.\n    - Returns `true` if the hash matches; otherwise, `false`.\n    - _Important_: Ensure constant-time comparison to prevent timing attacks.\n\n### Security Notes:\n- Passwords are hashed using PBKDF2 with a random salt, providing strong protection against dictionary attacks.\n- Plain passwords are never stored in the database.\n- Consider two-factor authentication (2FA) for an extra layer of security during login.\n\n## 2. Accounts Class\nThe **Accounts** class handles the creation and management of bank accounts.\n\n### Key Methods:\n- **open_account(String email)**: Generates a new account number and inserts the account details into the database.\n    - Returns the newly created account number.\n    - Initial account balance and a secure PIN are also requested from the user.\n    - _Enhancement_: Consider account verification through email before activation.\n  \n- **getAccount_number(String email)**: Retrieves the account number associated with the provided email.\n\n- **generateAccountNumber()**: Generates a unique account number based on the last used account number in the database.\n    - If no accounts exist, it starts with a default number (e.g., 10000100).\n    - _Tip_: Use a more advanced method to generate unique, unpredictable account numbers to avoid conflicts.\n\n- **account_exist(String email)**: Checks if an account exists for a user with the given email.\n\n## 3. AccountManager Class\nThe **AccountManager** class handles financial transactions such as credit, debit, money transfers, and balance inquiries.\n\n### Key Methods:\n- **credit_money(long account_number)**: Verifies the PIN and credits the specified amount to the account.\n    - Ensures the transaction is performed atomically using transaction management to guarantee data consistency.\n    - _Improvement_: Log transaction details (amount, date, source) for audit purposes.\n\n- **debit_money(long account_number)**: Checks if the account has sufficient balance before debiting the requested amount.\n    - Ensures the transaction is either fully completed or rolled back in case of insufficient funds or other errors.\n    - _Enhancement_: Implement overdraft protection or alert the user if the balance is low.\n\n- **transfer_money(long sender_account_number)**: Transfers money from one account to another.\n    - The user provides the recipient's account number, transfer amount, and security PIN.\n    - Checks the sender's balance and verifies the security PIN before performing the transfer.\n    - Updates the balances of both accounts (sender and receiver) in a single transaction to ensure consistency.\n    - _Recommendation_: Allow users to add recipients to a “trusted list” to avoid repeated PIN checks for frequent transfers.\n\n- **getBalance(long account_number)**: Retrieves the current balance of the account after verifying the security PIN.\n    - _Security_: Ensure the balance is only shown after confirming the correct PIN to protect sensitive information.\n\n### Transaction Management:\n- Disables auto-commit before performing operations such as debit, credit, or transfer to ensure transactional integrity.\n- If an error occurs (e.g., insufficient funds or incorrect PIN), the transaction is rolled back to its original state.\n- After successful operations, the transaction is committed.\n\n### Transaction Management Highlights:\n- **Atomicity**: Ensures that all financial transactions are fully completed or not executed at all to prevent data corruption.\n- **Error Handling**: Transaction rollback in case of failure helps maintain data integrity across complex operations.\n- **Audit Trails**: Keep logs of all transactions for accountability and future reference.\n\n## 4. BankingApp Class\nThe **BankingApp** is the entry point of the system, implementing the user interface logic.\n\n### Key Methods:\n- **main(String[] args)**: Handles the main application flow.\n    - Prompts the user to register or log in.\n    - If login is successful, checks if the user has an account.\n\n### Application Flow:\n1. **Registration**: Users can register by providing their full name, email, and password.\n2. **Login**: Registered users can log in with their email and password.\n3. **Account Creation**: Once logged in, users without a bank account can create one by providing an initial balance and security PIN.\n4. **Account Operations**: After logging in, users can:\n    - Debit: Withdraw money from their account after PIN verification.\n    - Credit: Deposit money into their account.\n    - Transfer: Transfer money to another account after PIN verification and balance check.\n    - Check Balance: View their account balance securely after verifying the PIN.\n\n\nThank you !","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsimranshaikh20%2Fbank-management-system","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsimranshaikh20%2Fbank-management-system","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsimranshaikh20%2Fbank-management-system/lists"}