Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/dhruvpatel-7/advanceauthentication-system
This is An Advance level Login and register with Use of Angular and .net web api. In this Project I use Jwt, password Hashing ,refresh Token ,Rolebase Authentication and Validation.
https://github.com/dhruvpatel-7/advanceauthentication-system
angular dotnet jwt-authentication passwordhasher refresh-token validation webapi-core
Last synced: about 1 month ago
JSON representation
This is An Advance level Login and register with Use of Angular and .net web api. In this Project I use Jwt, password Hashing ,refresh Token ,Rolebase Authentication and Validation.
- Host: GitHub
- URL: https://github.com/dhruvpatel-7/advanceauthentication-system
- Owner: Dhruvpatel-7
- License: mit
- Created: 2024-09-07T11:14:47.000Z (2 months ago)
- Default Branch: main
- Last Pushed: 2024-09-13T06:23:48.000Z (2 months ago)
- Last Synced: 2024-10-13T01:41:44.331Z (about 1 month ago)
- Topics: angular, dotnet, jwt-authentication, passwordhasher, refresh-token, validation, webapi-core
- Language: TypeScript
- Homepage:
- Size: 2.64 MB
- Stars: 8
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE.txt
Awesome Lists containing this project
README
# Advance Authentication System
Advance Login
An awesome Login and register With Jwt ,Passwordhash, Refreshtoken Authentication Authorization.you can directly use this code in any Angular, .net website for best authentication.
### Built With
## About The Project
This Project Mainy use ful for those people Who dont want to waste more time in create login process with oll the security stuff they can just download and edit some code and 💥 boom its done.
## OverviewThis project is an authentication system designed to manage user registration, login, and secure sessions using JSON Web Tokens (JWT). It features mechanisms for password hashing and token refreshing to enhance security and user experience.
## Key Features
### 1. User Registration
- **Purpose**: Allows new users to create an account.
- **Process**:
- Users provide their credentials (e.g., username, email, and password).
- Passwords are hashed using a secure hashing algorithm (e.g., bcrypt) before storage.
- User data, including the hashed password, is saved in a database.### 2. User Login
- **Purpose**: Authenticates users and issues access tokens.
- **Process**:
- Users submit their credentials (username/email and password).
- The provided password is hashed and compared with the stored hashed password in the database.
- Upon successful authentication, an access token (JWT) is generated and returned.### 3. JWT (JSON Web Token)
- **Purpose**: Provides a secure way to transmit information between parties.
- **Usage**:
- After successful login, a JWT containing user information and an expiration time is generated.
- The token is signed with a secret key to ensure its integrity and authenticity.
- The token is included in the `Authorization` header of subsequent requests to access protected routes.### 4. Refresh Token
- **Purpose**: Allows users to obtain a new access token without re-authenticating.
- **Usage**:
- Alongside the access token, a refresh token is issued.
- When the access token expires, the refresh token can be used to request a new access token.
- Refresh tokens have a longer expiration time and are stored securely on the client-side.### 5. Password Hashing
- **Purpose**: Enhances security by protecting user passwords.
- **Process**:
- Passwords are hashed using a strong algorithm (e.g., bcrypt) before storage.
- During login, the entered password is hashed and compared with the stored hashed password.## Security Considerations
- **Hashing Algorithm**: Use a strong and well-established hashing algorithm like bcrypt or Argon2.
- **JWT Secret**: Ensure the JWT secret key is kept secure.
- **Token Expiry**: Implement appropriate expiration times for both access and refresh tokens.
- **Secure Storage**: Store refresh tokens securely on the client side (e.g., in HTTP-only cookies).## Screenshots
Here is a screenshot of the application:
![Application Screenshot](images/screenshot.png)
## License
Distributed under the MIT License. See `LICENSE.txt` for more information.
## Contact
Your Name- Dhruv Patel - [email protected]
Project Link: https://github.com/Dhruvpatel-7/AdvanceLogin