https://github.com/yamtaldev/securebankapp
Secure Bank App is a full-stack web application for secure banking services. It allows users to sign up, validate phone numbers via SMS, view account balances, and transfer money. Built with Java & Spring Boot for the backend, Angular for the frontend, MongoDB for data storage, and Docker for containerization.
angular authentication aws banking docker express kubernetes mongodb nodejs rest-api swagger twilio typescript users
Last synced: about 2 months ago
- Host: GitHub
- URL: https://github.com/yamtaldev/securebankapp
- Owner: YamtalDev
- License: mit
- Created: 2024-09-09T12:13:33.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2024-09-30T16:23:49.000Z (over 1 year ago)
- Last Synced: 2025-04-07T22:13:02.817Z (about 1 year ago)
- Topics: angular, authentication, aws, banking, docker, express, kubernetes, mongodb, nodejs, rest-api, swagger, twilio, typescript, users
- Language: TypeScript
- Homepage:
- Size: 2.19 MB
- Stars: 3
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# Secure Web Banking Application
## Project Overview
The Secure Web Banking Application is a web-based system that allows users to sign up, verify their phone number via SMS, log in, view their account balance, view recent transactions, and send money to other registered users. The application adheres to industry best practices, utilizing modern technologies and frameworks to ensure security, scalability, and maintainability.
## Requirements
1. **User Authentication and Authorization:**
- Sign-up with email, password, and phone number.
- Phone number verification using a one-time passcode (OTP) sent via SMS.
- Secure sign-in with JWT authentication.
- Protected dashboard accessible only after authentication.
2. **Transactions:**
- View account balance (randomly assigned upon sign-up for demo purposes).
- View recent transactions.
- Send money to other registered users by email.
- Validate sufficient balance and recipient existence before processing transactions.
3. **Technology Stack:**
- **Frontend:** [Angular](https://angular.io/) with [TypeScript](https://www.typescriptlang.org/).
- **Backend:** [Node.js](https://nodejs.org/en/) with [Express.js](https://expressjs.com/).
- **Database:** [MongoDB](https://www.mongodb.com/).
- **SMS Service:** [Twilio](https://www.twilio.com/) (or a free alternative).
- **API Documentation:** [Swagger](https://swagger.io/).
- **Containerization:** [Docker](https://www.docker.com/).
- **Orchestration:** [Kubernetes](https://kubernetes.io/) for microservices.
- **Deployment:** AWS (Amazon Web Services) with local deployment via Docker Compose.
4. **Additional Tools:**
- **UI Design:** [Figma](https://www.figma.com/) for implementing the provided designs.
- **Version Control:** [Git](https://git-scm.com/).
## Main Entities
**User:**
Attributes:
- `userId`: Unique identifier for each user.
- `email`: User's email address.
- `password`: Hashed password for authentication.
- `phoneNumber`: User's phone number.
- `isVerified`: Boolean indicating if the phone number has been verified.
- `balance`: Current account balance.
- `createdAt`: Timestamp when the account was created.
**Transaction:**
Attributes:
- `transactionId`: Unique identifier for each transaction.
- `senderEmail`: Email address of the sender.
- `receiverEmail`: Email address of the receiver.
- `amount`: Amount of money transferred.
- `timestamp`: Timestamp when the transaction occurred.
- `type`: Indicates 'credit' or 'debit'.
**OTP Verification:**
Attributes:
- `email`: Email address associated with the OTP.
- `otpCode`: One-time passcode sent to the user's phone.
- `expiresAt`: Expiration time of the OTP.
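The OTP record above only lists `email`, `otpCode` and `expiresAt`; the checks around it are what make verification hold up. The following is an added example, not code from the project: an in-memory store that enforces expiry, a guess limit and single use. `OtpStore`, the 5-minute lifetime and the limit of 5 attempts are assumptions.

```javascript
// Added example, not project code. OtpStore, OTP_TTL_MS and MAX_ATTEMPTS are assumed names/values.
const crypto = require("node:crypto");

const OTP_TTL_MS = 5 * 60 * 1000; // assumed 5-minute lifetime
const MAX_ATTEMPTS = 5;           // assumed guess limit per issued code

class OtpStore {
  constructor(now = () => Date.now()) {
    this.now = now;           // injectable clock so expiry can be tested
    this.records = new Map(); // email -> { otpHash, expiresAt, attempts }
  }

  // Fixed-length digest so timingSafeEqual always compares equal-sized buffers.
  digest(email, otpCode) {
    return crypto.createHash("sha256").update(`${email}:${otpCode}`).digest();
  }

  issue(email) {
    // CSPRNG draw, zero-padded to six digits. Issuing again replaces the old code.
    const otpCode = crypto.randomInt(0, 1_000_000).toString().padStart(6, "0");
    this.records.set(email, {
      otpHash: this.digest(email, otpCode),
      expiresAt: this.now() + OTP_TTL_MS,
      attempts: 0,
    });
    return otpCode; // goes to the SMS sender only, never into the HTTP response
  }

  verify(email, otpCode) {
    const rec = this.records.get(email);
    if (!rec) return "invalid";
    if (this.now() > rec.expiresAt) {
      this.records.delete(email);
      return "expired";
    }
    if (++rec.attempts > MAX_ATTEMPTS) {
      this.records.delete(email); // force a fresh code after too many guesses
      return "locked";
    }
    // JSON bodies can carry objects or numbers; only a string is ever compared.
    if (typeof otpCode !== "string") return "invalid";
    if (!crypto.timingSafeEqual(rec.otpHash, this.digest(email, otpCode))) return "invalid";
    this.records.delete(email); // single use: a replayed code finds no record
    return "verified";
  }
}
```

With six-digit codes the guess limit carries most of the weight: without it, the whole code space can be tried within one expiry window.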
## Features
- **User Registration and Verification:**
- Users can sign up with email, password, and phone number.
- Phone number verification via OTP sent through SMS.
- Validation to prevent duplicate registrations with the same email.
- **Secure Authentication:**
- Passwords stored securely using hashing (e.g., bcrypt).
- JWT used for session management and route protection.
- **User Dashboard:**
- Displays account balance and recent transactions.
- Provides an option to sign out.
- **Money Transfer:**
- Users can send money to other registered users.
- Validates recipient's existence and sufficient sender balance.
- Updates transaction history for both sender and receiver.
- **API Documentation:**
- APIs documented using Swagger for easy integration and testing.
- **Containerization and Deployment:**
- Dockerized services for consistent environment setup.
- Kubernetes used for orchestrating microservices.
- AWS used for deployment with an option for local deployment using Docker Compose.
- **Industry Best Practices:**
- Clean code with proper architecture.
- Secure coding practices to protect sensitive data.
- Use of environment variables for configuration.
# Usage
To utilize this web banking application, follow these steps:
### Prerequisites
Before you begin, ensure you have the following prerequisites installed on your system:
- **Node.js and npm:** If you don't have Node.js installed, you can download it from the official website:
- [Download Node.js](https://nodejs.org/en/download/)
- **Angular CLI:** Install Angular CLI globally using npm:
```shell
npm install -g @angular/cli
```
- **MongoDB:** Ensure you have MongoDB installed and running on your system.
- [Download MongoDB](https://www.mongodb.com/try/download/community)
- **Docker and Docker Compose:** If you prefer to run the project using Docker containers, make sure you have Docker and Docker Compose installed.
- [Download Docker](https://docs.docker.com/get-started/get-docker/)
- [Download Docker Compose](https://docs.docker.com/compose/install/)
- **AWS CLI (Optional):** For deployment to AWS.
- [Install AWS CLI](https://aws.amazon.com/cli/)
You can choose to run the project natively or with Docker, depending on your preference and system configuration.
# Installation
## Clone or Download the Repository
You can clone this Git repository or download it as a ZIP file to your local machine.
```shell
git clone https://github.com/YamtalDev/SecureBankApp.git
cd SecureBankApp
```
# Backend Setup
1. Navigate to the Backend Directory:
```shell
cd backend
```
2. Install Dependencies:
```shell
npm install
```
3. Environment Variables:
Create a `.env` file in the `backend` directory and add the following configurations:
```shell
PORT=3000
MONGODB_URI=mongodb://localhost:27017/bankapp
JWT_SECRET=your_jwt_secret_key
TWILIO_ACCOUNT_SID=your_twilio_account_sid
TWILIO_AUTH_TOKEN=your_twilio_auth_token
TWILIO_PHONE_NUMBER=your_twilio_phone_number
```
- Replace `your_jwt_secret_key` with a long, randomly generated secret.
- For Twilio configurations, if you're using Twilio's free trial, replace the placeholders with your actual account details.
4. Run the Backend Server:
```shell
npm start
```
- The backend server should now be running on `http://localhost:3000`.
# Frontend Setup
1. Navigate to the Frontend Directory:
```shell
cd ../frontend
```
2. Install Dependencies:
```shell
npm install
```
3. Environment Variables:
Create an `environment.ts` file in the `src/environments` directory with the following content:
``` typescript
export const environment = {
production: false,
apiUrl: 'http://localhost:3000/api'
};
```
4. Run the Frontend Server:
``` shell
ng serve
```
- The frontend application should now be running on `http://localhost:4200`.
# MongoDB Setup
Ensure that MongoDB is running on your local machine. If installed locally, you can start it with:
```shell
mongod
```
Alternatively, you can use MongoDB Atlas for a cloud-hosted database. Update `MONGODB_URI` in the `.env` file accordingly.
# Spin Up with Docker
1. Ensure No Services Are Running on Required Ports:
```shell
sudo lsof -i :3000
sudo lsof -i :4200
sudo lsof -i :27017
```
- Kill any processes using these ports if necessary.
2. Navigate to the Root Directory:
```shell
cd ../
```
3. Run Docker Containers:
```shell
docker-compose up --build
```
- This command builds and starts all services defined in the `docker-compose.yml` file.
4. Access the Application:
- Frontend: [http://localhost:4200](http://localhost:4200)
- Backend API: [http://localhost:3000/api](http://localhost:3000/api)
# API Documentation
API documentation is available via Swagger UI:
- [Access Swagger UI](http://localhost:3000/api-docs)
- This provides a detailed overview of all API endpoints, request and response schemas, and allows for interactive testing.
# Features and Endpoints
1. User Registration
- Endpoint:
``` http
POST /api/auth/register
```
- Request Body:
```json
{
"email": "user@example.com",
"password": "YourSecurePassword",
"phoneNumber": "+1234567890"
}
```
- Response:
- Success message indicating that an OTP has been sent to the provided phone number.
2. Phone Verification
- Endpoint:
``` http
POST /api/auth/verify-phone
```
- Request Body:
```json
{
"email": "user@example.com",
"otpCode": "123456"
}
```
- Response:
- Success message indicating that the phone number has been verified.
3. User Login
- Endpoint:
``` http
POST /api/auth/login
```
- Request Body:
```json
{
"email": "user@example.com",
"password": "YourSecurePassword"
}
```
- Response:
- JWT token to be used for authenticated requests.
4. Get User Dashboard
- Endpoint:
``` http
GET /api/user/dashboard
```
- Headers:
* `Authorization: Bearer <token>` (the JWT returned by the login endpoint)
- Response:
```json
{
"email": "user@example.com",
"balance": 1000,
"transactions": [
{
"transactionId": "txn_123",
"senderEmail": "user@example.com",
"receiverEmail": "receiver@example.com",
"amount": -100,
"timestamp": "2023-09-01T12:34:56Z",
"type": "debit"
}
]
}
```
5. Send Money
- Endpoint:
``` http
POST /api/transactions/send
```
- Headers:
* `Authorization: Bearer <token>` (the JWT returned by the login endpoint)
- Request Body:
```json
{
"receiverEmail": "receiver@example.com",
"amount": 100
}
```
- Response:
* Success message with transaction details.
6. Sign Out
- Endpoint:
* Frontend handles sign-out by removing JWT token from storage.
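The Send Money endpoint takes `receiverEmail` and `amount` straight from a JSON body, so type and sign checks have to come before the recipient and balance checks the README lists. The following is an added example, not code from the project: the validation order on an in-memory ledger. `sendMoney`, `TransferError`, `demoLedger` and the use of integer minor units are assumptions.

```javascript
// Added example, not project code. Names and integer minor units (cents) are assumptions.
class TransferError extends Error {}

// Constructed sample data mirroring the README's example addresses.
function demoLedger() {
  return new Map([
    ["user@example.com", { balance: 1000 }],
    ["receiver@example.com", { balance: 50 }],
  ]);
}

// senderEmail must come from the verified JWT, never from the request body.
function sendMoney(users, transactions, senderEmail, body, now = new Date()) {
  const { receiverEmail, amount } = body ?? {};
  // Type checks first: JSON can carry strings, objects, negatives or fractions.
  if (typeof receiverEmail !== "string") throw new TransferError("invalid recipient");
  if (!Number.isSafeInteger(amount) || amount <= 0) throw new TransferError("invalid amount");
  const sender = users.get(senderEmail);
  const receiver = users.get(receiverEmail);
  if (!sender) throw new TransferError("unknown sender");
  if (!receiver) throw new TransferError("recipient not found");
  if (receiverEmail === senderEmail) throw new TransferError("self-transfer");
  if (sender.balance < amount) throw new TransferError("insufficient balance");
  // Nothing is mutated until every check has passed.
  sender.balance -= amount;
  receiver.balance += amount;
  const base = { senderEmail, receiverEmail, timestamp: now.toISOString() };
  transactions.push(
    { ...base, transactionId: `txn_${transactions.length + 1}`, amount: -amount, type: "debit" },
    { ...base, transactionId: `txn_${transactions.length + 2}`, amount, type: "credit" },
  );
  return transactions.slice(-2); // the debit row and the credit row
}
```

Against MongoDB, the balance check and the debit need to be a single conditional update or run inside a transaction; as separate read and write steps, two concurrent requests can both pass the check.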
# Deployment to AWS (Optional)
Given the budget constraints, you can utilize AWS Free Tier services.
1. Set Up AWS Account:
- Sign up for AWS and configure IAM users and roles.
2. Deploy Backend and Frontend:
- Use AWS Elastic Beanstalk or AWS EC2 instances to deploy your Docker containers.
- Alternatively, use AWS Elastic Container Service (ECS) with Fargate.
3. Database Deployment:
- Use Amazon DocumentDB (MongoDB compatible) within the free tier limits.
- Ensure security groups and network settings allow your application to connect to the database.
4. SMS Service Configuration:
- If Twilio's free trial is insufficient, consider using AWS SNS (Simple Notification Service) for sending SMS messages within the free tier.
# Testing
- Unit Tests:
* Implement unit tests using frameworks like Jest for backend and Jasmine/Karma for frontend.
- Integration Tests:
* Test interactions between different components of the application.
- Manual Testing:
* Use tools like Postman to test API endpoints.
# Learning Resources
- [Angular documentation](https://angular.io/docs)
- [Express.js](https://expressjs.com/)
- [MongoDB tutorials](https://docs.mongodb.com/manual/tutorial/)
- [Docker: Get started](https://docs.docker.com/get-started/)
- [Kubernetes basics](https://kubernetes.io/docs/tutorials/kubernetes-basics/)
- [AWS Free Tier](https://aws.amazon.com/free/)
- [Swagger documentation](https://swagger.io/docs/)
- [Twilio API documentation](https://www.twilio.com/docs/usage/api)
## License:
This project is licensed under the MIT License. See the [LICENSE](LICENSE) file for details.
## Contact:
For questions or issues, feel free to [create an issue](https://github.com/YamtalDev/HackerNews-API/issues) or contact the project maintainer.