# 🚀 Quick Start Checklist

Follow these steps to activate your authentication system:

## ☐ Step 1: Gmail App Password (5 minutes)

1. Go to <https://myaccount.google.com/security>
2. Enable **2-Step Verification** (if not enabled)
3. Click **App passwords**
4. Select **Mail** → **Other (Custom name)**
5. Name it: `PromptTech Solutions`
6. Copy the 16-character password
7. Save it for Step 4

## ☐ Step 2: Google OAuth (10 minutes)

1. Go to <https://console.cloud.google.com/>
2. Create project: `PromptTech Solutions`
3. Enable **Google+ API**
4. Create **OAuth consent screen**:
   - User Type: External
   - App name: PromptTech Solutions
   - Email: <prompttechbz@gmail.com>
   - Scopes: email, profile
5. Create **OAuth client ID**:
   - Type: Web application
   - Authorized origins: `http://localhost:5300`
   - Redirect URIs: `http://localhost:8181/api/auth/google/callback`
6. Copy Client ID and Client Secret
7. Save for Step 4

## ☐ Step 3: Facebook OAuth (10 minutes)

1. Go to <https://developers.facebook.com/>
2. Create App → **Consumer**
3. App name: `PromptTech Solutions`
4. Add **Facebook Login** product
5. Configure OAuth redirect:
   - Valid URIs: `http://localhost:8181/api/auth/facebook/callback`
6. Copy App ID and App Secret (Settings → Basic)
7. Toggle app to **Live** mode
8. Save for Step 4

## ☐ Step 4: Yahoo OAuth (10 minutes)

1. Go to <https://developer.yahoo.com/>
2. Create App: `PromptTech Solutions`
3. Type: Web Application
4. Redirect URI: `http://localhost:8181/api/auth/yahoo/callback`
5. Permissions: OpenID Connect
6. Copy Client ID and Client Secret
7. Save for Step 4

## ☐ Step 5: Configure Environment

1. Open `backend/.env` (create from `.env.example` if needed):

```bash
cd /media/pts/Website/PromptTech_Solution_Site/backend
cp .env.example .env
nano .env
```

1. Fill in these values:

```env
# Gmail SMTP (from Step 1)
SMTP_USER=prompttechbz@gmail.com
SMTP_PASSWORD=abcd efgh ijkl mnop    # Your 16-char password

# Google OAuth (from Step 2)
GOOGLE_CLIENT_ID=xxxxxxxx.apps.googleusercontent.com
GOOGLE_CLIENT_SECRET=GOCSPX-xxxxxxxxxx

# Facebook OAuth (from Step 3)
FACEBOOK_APP_ID=1234567890123456
FACEBOOK_APP_SECRET=abc123def456...

# Yahoo OAuth (from Step 4)
YAHOO_CLIENT_ID=dj0yJmk9xxxxxxxx
YAHOO_CLIENT_SECRET=abcdef123456...
```

1. Generate a strong JWT secret:

```bash
python3 -c "import secrets; print(secrets.token_urlsafe(64))"
```

1. Add to .env:

```env
JWT_SECRET=<paste-generated-secret-here>
```

## ☐ Step 6: Restart Backend

```bash
cd /media/pts/Website/PromptTech_Solution_Site/scripts
./start_backend.sh
```

Wait for: `Database initialized successfully`

## ☐ Step 7: Test Each Login Method

1. **Email Registration:**
   - Go to <http://localhost:5300/login>
   - Click "Sign up"
   - Fill: First Name, Last Name, Email, Password
   - Click "Create Account"
   - Check email for verification link
   - Click verification link
   - Should see "Email verified successfully!"

2. **Google Login:**
   - Go to <http://localhost:5300/login>
   - Click "Sign in with Google"
   - Select Google account
   - Should redirect back and login

3. **Facebook Login:**
   - Click "Sign in with Facebook"
   - Login to Facebook
   - Approve permissions
   - Should redirect back and login

4. **Yahoo Login:**
   - Click "Sign in with Yahoo"
   - Login to Yahoo account
   - Approve permissions
   - Should redirect back and login

## ✅ Verification Checklist

- [ ] Gmail App Password created and working
- [ ] Google OAuth app created and tested
- [ ] Facebook app created and set to Live
- [ ] Yahoo app created
- [ ] All credentials in `.env` file
- [ ] Backend restarted successfully
- [ ] Email verification working (check inbox)
- [ ] Google login working
- [ ] Facebook login working
- [ ] Yahoo login working

---

## 🆘 Troubleshooting

**Email not sending?**

- Verify App Password is correct (no spaces)
- Check SMTP_USER matches the Gmail account
- Try sending test email manually

**OAuth redirect error?**

- Verify redirect URIs match EXACTLY
- Check for trailing slashes
- Ensure app is "Live" (Facebook)

**Token expired?**

- Verification links expire after 24 hours
- User can register again with same email

**Database error?**

- Check if migration ran: `ls backend/logs/`
- Look for errors in backend console
- Verify database is running

---

## 📚 Full Documentation

For detailed instructions, see:

- [docs/AUTH_SETUP_GUIDE.md](AUTH_SETUP_GUIDE.md) - Complete setup guide
- [docs/AUTH_IMPLEMENTATION_SUMMARY.md](AUTH_IMPLEMENTATION_SUMMARY.md) - Technical details

---

**Estimated Time:** 30-40 minutes total  
**Difficulty:** Medium (following step-by-step)  
**Status:** Ready to configure ✅