feat: Implement comprehensive OAuth and email verification authentication system
- Add email verification with token-based validation
- Integrate Google, Facebook, and Yahoo OAuth providers
- Add OAuth configuration and email service modules
- Update User model with email_verified, oauth_provider, oauth_id fields
- Implement async password hashing/verification to prevent blocking
- Add database migration script for new user fields
- Create email verification page with professional UI
- Update login page with social login buttons (Google, Facebook, Yahoo)
- Add OAuth callback token handling
- Implement scroll-to-top navigation component
- Add 5-second real-time polling for Products and Services pages
- Enhance About page with Apple-style scroll animations
- Update Home and Contact pages with branding and business info
- Optimize API cache with prefix-based clearing
- Create comprehensive setup documentation and quick start guide
- Fix login performance with ThreadPoolExecutor for bcrypt operations

Performance improvements:
- Login time optimized to ~220ms with async password verification
- Real-time data updates every 5 seconds
- Non-blocking password operations

Security enhancements:
- Email verification required for new accounts
- OAuth integration for secure social login
- Verification tokens expire after 24 hours
- Password field nullable for OAuth users
38
backend/.env.example
Normal file
@@ -0,0 +1,38 @@
|
||||
# JWT Configuration
|
||||
JWT_SECRET=your-super-secret-jwt-key-change-this-in-production-use-long-random-string
|
||||
|
||||
# Email Configuration (Gmail SMTP)
|
||||
# Follow steps in docs/AUTH_SETUP_GUIDE.md to get App Password
|
||||
SMTP_HOST=smtp.gmail.com
|
||||
SMTP_PORT=587
|
||||
SMTP_USER=prompttechbz@gmail.com
|
||||
SMTP_PASSWORD=your-16-char-app-password-here
|
||||
FROM_EMAIL=prompttechbz@gmail.com
|
||||
|
||||
# Frontend URL
|
||||
FRONTEND_URL=http://localhost:5300
|
||||
|
||||
# Google OAuth
|
||||
# Get from: https://console.cloud.google.com/
|
||||
GOOGLE_CLIENT_ID=your-google-client-id.apps.googleusercontent.com
|
||||
GOOGLE_CLIENT_SECRET=GOCSPX-your-google-client-secret
|
||||
GOOGLE_REDIRECT_URI=http://localhost:8181/api/auth/google/callback
|
||||
|
||||
# Facebook OAuth
|
||||
# Get from: https://developers.facebook.com/
|
||||
FACEBOOK_APP_ID=your-facebook-app-id
|
||||
FACEBOOK_APP_SECRET=your-facebook-app-secret
|
||||
FACEBOOK_REDIRECT_URI=http://localhost:8181/api/auth/facebook/callback
|
||||
|
||||
# Yahoo OAuth
|
||||
# Get from: https://developer.yahoo.com/
|
||||
YAHOO_CLIENT_ID=your-yahoo-client-id
|
||||
YAHOO_CLIENT_SECRET=your-yahoo-client-secret
|
||||
YAHOO_REDIRECT_URI=http://localhost:8181/api/auth/yahoo/callback
|
||||
|
||||
# Admin Configuration
|
||||
ADMIN_EMAIL=prompttechbz@gmail.com
|
||||
ADMIN_PHONE=+5016261234
|
||||
|
||||
# Database (if needed)
|
||||
DATABASE_URL=postgresql://user:password@localhost:5432/dbname
|
||||
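Review bot: SMTP_USER, FROM_EMAIL and ADMIN_EMAIL are set to what looks like a real mailbox (`prompttechbz@gmail.com`), and ADMIN_PHONE to a real-looking number, while every other value in this example file is an obvious placeholder. Since this file is committed, replace them with placeholders such as `SMTP_USER=your-address@gmail.com` so the repository does not name the account that the SMTP app password belongs to. Two smaller points in the same file: the JWT_SECRET placeholder is long enough to work as a signing key if copied unchanged, so the comment above it should say how to generate a random value, and it is worth having startup reject this exact string. The `*_REDIRECT_URI` and FRONTEND_URL values are `http://localhost`, which is fine for development, but a comment should state that production values must be `https` and must match the URI registered with each provider exactly.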