PromptTech/docs/QUICK_SETUP_CHECKLIST.md
Kristen Hercules 9a7b00649b feat: Implement comprehensive OAuth and email verification authentication system
- Add email verification with token-based validation
- Integrate Google, Facebook, and Yahoo OAuth providers
- Add OAuth configuration and email service modules
- Update User model with email_verified, oauth_provider, oauth_id fields
- Implement async password hashing/verification to prevent blocking
- Add database migration script for new user fields
- Create email verification page with professional UI
- Update login page with social login buttons (Google, Facebook, Yahoo)
- Add OAuth callback token handling
- Implement scroll-to-top navigation component
- Add 5-second real-time polling for Products and Services pages
- Enhance About page with Apple-style scroll animations
- Update Home and Contact pages with branding and business info
- Optimize API cache with prefix-based clearing
- Create comprehensive setup documentation and quick start guide
- Fix login performance with ThreadPoolExecutor for bcrypt operations

Performance improvements:
- Login time optimized to ~220ms with async password verification
- Real-time data updates every 5 seconds
- Non-blocking password operations

Security enhancements:
- Email verification required for new accounts
- OAuth integration for secure social login
- Verification tokens expire after 24 hours
- Password field nullable for OAuth users
2026-02-04 00:41:16 -06:00

🚀 Quick Start Checklist

Follow these steps to activate your authentication system:

☐ Step 1: Gmail App Password (5 minutes)

  1. Go to https://myaccount.google.com/security
  2. Enable 2-Step Verification (if not enabled)
  3. Click App passwords
  4. Select Mail → Other (Custom name)
  5. Name it: PromptTech Solutions
  6. Copy the 16-character password
  7. Save it for Step 5

☐ Step 2: Google OAuth (10 minutes)

  1. Go to https://console.cloud.google.com/
  2. Create project: PromptTech Solutions
  3. Enable Google+ API
  4. Create OAuth consent screen:
  5. Create OAuth client ID:
    • Type: Web application
    • Authorized origins: http://localhost:5300
    • Redirect URIs: http://localhost:8181/api/auth/google/callback
  6. Copy Client ID and Client Secret
  7. Save for Step 5

☐ Step 3: Facebook OAuth (10 minutes)

  1. Go to https://developers.facebook.com/
  2. Create App → Consumer
  3. App name: PromptTech Solutions
  4. Add Facebook Login product
  5. Configure OAuth redirect:
    • Valid URIs: http://localhost:8181/api/auth/facebook/callback
  6. Copy App ID and App Secret (Settings → Basic)
  7. Toggle app to Live mode
  8. Save for Step 5

☐ Step 4: Yahoo OAuth (10 minutes)

  1. Go to https://developer.yahoo.com/
  2. Create App: PromptTech Solutions
  3. Type: Web Application
  4. Redirect URI: http://localhost:8181/api/auth/yahoo/callback
  5. Permissions: OpenID Connect
  6. Copy Client ID and Client Secret
  7. Save for Step 5

☐ Step 5: Configure Environment

  1. Open backend/.env (create from .env.example if needed):

```bash
cd /media/pts/Website/PromptTech_Solution_Site/backend
# Copy the template only when .env does not exist, so existing secrets are not overwritten
[ -f .env ] || cp .env.example .env
nano .env
```

  2. Fill in these values:

```
# Gmail SMTP (from Step 1)
SMTP_USER=prompttechbz@gmail.com
# Your 16-char password, entered without spaces
SMTP_PASSWORD=abcdefghijklmnop

# Google OAuth (from Step 2)
GOOGLE_CLIENT_ID=xxxxxxxx.apps.googleusercontent.com
GOOGLE_CLIENT_SECRET=GOCSPX-xxxxxxxxxx

# Facebook OAuth (from Step 3)
FACEBOOK_APP_ID=1234567890123456
FACEBOOK_APP_SECRET=abc123def456...

# Yahoo OAuth (from Step 4)
YAHOO_CLIENT_ID=dj0yJmk9xxxxxxxx
YAHOO_CLIENT_SECRET=abcdef123456...
```

  3. Generate a strong JWT secret:

```bash
python3 -c "import secrets; print(secrets.token_urlsafe(64))"
```

  4. Add to .env:

```
JWT_SECRET=<paste-generated-secret-here>
```
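
A pre-flight check for the file filled in above, as an added example that is not part of the PromptTech code base: it flags keys that are missing, still hold the template values shown in this step, or break the "no spaces" rule from the troubleshooting section. The function names and the SAMPLE text are constructed for illustration, and the 64-character floor for JWT_SECRET is an assumption based on the generator command in this step.

```python
import re

# Keys Step 5 of this checklist asks you to set in backend/.env.
REQUIRED = [
    "SMTP_USER", "SMTP_PASSWORD", "GOOGLE_CLIENT_ID", "GOOGLE_CLIENT_SECRET",
    "FACEBOOK_APP_ID", "FACEBOOK_APP_SECRET", "YAHOO_CLIENT_ID",
    "YAHOO_CLIENT_SECRET", "JWT_SECRET",
]
# Template values from the checklist that must not survive into a real .env.
PLACEHOLDER = re.compile(r"x{6,}|\.\.\.|<[^>]*>|abcd ?efgh|^1234567890123456$")
# Constructed sample: spaced app password, one template value, short JWT secret.
SAMPLE = """\
SMTP_USER=prompttechbz@gmail.com
SMTP_PASSWORD=qwer tyui opas dfgh   # pasted with spaces
GOOGLE_CLIENT_ID=xxxxxxxx.apps.googleusercontent.com
JWT_SECRET=short
"""

def parse_env(text):
    """Parse KEY=VALUE lines, dropping comments, inline ' #' comments and quotes."""
    values = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        value = re.split(r"\s+#", value, maxsplit=1)[0].strip()
        values[key.strip()] = value.strip("'\"")
    return values

def audit_env(text):
    """Return (key, problem) findings; an empty list means the file passes."""
    env, findings = parse_env(text), []
    for key in REQUIRED:
        value = env.get(key, "")
        if not value:
            findings.append((key, "missing or empty"))
        elif PLACEHOLDER.search(value):
            findings.append((key, "still a template placeholder"))
    pw = env.get("SMTP_PASSWORD", "")
    if pw and not PLACEHOLDER.search(pw) and (" " in pw or len(pw) != 16):
        findings.append(("SMTP_PASSWORD", "expected 16 characters without spaces"))
    jwt = env.get("JWT_SECRET", "")
    # secrets.token_urlsafe(64) returns 86 characters; much less means a bad paste.
    if jwt and not PLACEHOLDER.search(jwt) and len(jwt) < 64:
        findings.append(("JWT_SECRET", "shorter than 64 characters"))
    return findings

if __name__ == "__main__":
    print(audit_env(SAMPLE))
```

The findings list carries key names and problem descriptions only, never the secret values, so its output is safe to paste into a ticket or chat.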

☐ Step 6: Restart Backend

```bash
cd /media/pts/Website/PromptTech_Solution_Site/scripts
./start_backend.sh
```

Wait for: Database initialized successfully

☐ Step 7: Test Each Login Method

  1. Email Registration:

    • Go to http://localhost:5300/login
    • Click "Sign up"
    • Fill: First Name, Last Name, Email, Password
    • Click "Create Account"
    • Check email for verification link
    • Click verification link
    • Should see "Email verified successfully!"
  2. Google Login:

  3. Facebook Login:

    • Click "Sign in with Facebook"
    • Login to Facebook
    • Approve permissions
    • Should redirect back and login
  4. Yahoo Login:

    • Click "Sign in with Yahoo"
    • Login to Yahoo account
    • Approve permissions
    • Should redirect back and login

Verification Checklist

  • Gmail App Password created and working
  • Google OAuth app created and tested
  • Facebook app created and set to Live
  • Yahoo app created
  • All credentials in .env file
  • Backend restarted successfully
  • Email verification working (check inbox)
  • Google login working
  • Facebook login working
  • Yahoo login working

🆘 Troubleshooting

Email not sending?

  • Verify App Password is correct (no spaces)
  • Check SMTP_USER matches the Gmail account
  • Try sending test email manually

OAuth redirect error?

  • Verify redirect URIs match EXACTLY
  • Check for trailing slashes
  • Ensure app is "Live" (Facebook)
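
To see what "match EXACTLY" means in practice, the following added example (not part of the PromptTech code base) compares the redirect URI the backend sends with the one registered in Steps 2 to 4 and names the part that differs. The function names and the SENT values are constructed for illustration, and the check assumes each provider compares the two strings character for character.

```python
from urllib.parse import urlsplit

# Redirect URIs this checklist registers with each provider (Steps 2-4).
REGISTERED = {
    "google": "http://localhost:8181/api/auth/google/callback",
    "facebook": "http://localhost:8181/api/auth/facebook/callback",
    "yahoo": "http://localhost:8181/api/auth/yahoo/callback",
}
# Constructed sample of what a misconfigured backend might send.
SENT = {
    "google": "http://localhost:8181/api/auth/google/callback/",
    "facebook": "https://localhost:8181/api/auth/facebook/callback",
    "yahoo": "http://localhost:8181/api/auth/yahoo/callback",
}

def explain_mismatch(registered, sent):
    """Return the reasons `sent` is not an exact match; [] means identical."""
    if registered == sent:
        return []
    reg, got = urlsplit(registered), urlsplit(sent)
    reasons = []
    if reg.scheme != got.scheme:
        reasons.append(f"scheme: {reg.scheme} vs {got.scheme}")
    if reg.hostname != got.hostname:
        reasons.append(f"host: {reg.hostname} vs {got.hostname}")
    if reg.port != got.port:
        reasons.append(f"port: {reg.port} vs {got.port}")
    if reg.path != got.path:
        if reg.path.rstrip("/") == got.path.rstrip("/"):
            reasons.append("path: trailing slash differs")
        elif reg.path.lower() == got.path.lower():
            reasons.append("path: letter case differs")
        else:
            reasons.append(f"path: {reg.path} vs {got.path}")
    if reg.query != got.query or reg.fragment != got.fragment:
        reasons.append("query string or fragment differs")
    # urlsplit lowercases scheme and host, so a case-only difference lands here.
    return reasons or ["strings differ only in scheme or host letter case"]

def check_backend_uris(sent_by_provider):
    """Map provider name -> reasons, for every URI that does not match."""
    report = {}
    for name, uri in sent_by_provider.items():
        reasons = explain_mismatch(REGISTERED[name], uri)
        if reasons:
            report[name] = reasons
    return report

if __name__ == "__main__":
    print(check_backend_uris(SENT))
```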

Token expired?

  • Verification links expire after 24 hours
  • User can register again with same email

Database error?

  • Check if migration ran: ls backend/logs/
  • Look for errors in backend console
  • Verify database is running

📚 Full Documentation

For detailed instructions, see:


Estimated Time: 30-40 minutes total
Difficulty: Medium (following step-by-step)
Status: Ready to configure