Skip to content

sharvari247/SQLi_Detection_using_ML

Repository files navigation

SQLi_Detection_using_ML

Database & Models (Sequelize/PostgreSQL)

User Model: Created the schema to store username, email, password, role, and isActive.

Verification System: Successfully altered the database to include isVerified (boolean) and verificationToken to handle email-based account activation.

Core Security & Validation (Middleware)

Data Validation (Joi): Built a robust request validator that ensures users submit strong passwords and restricts signups strictly to the @bmsit.in domain.

Reusable Validation Engine: Separated the Joi runner logic from the specific schemas so you can easily validate Teachers and Students later.

Authentication Middleware: Created the verifyToken gatekeeper that reads JWTs from incoming requests and protects secure routes.

Anti-Brute Force: Installed and configured express-rate-limit to prevent hackers from spamming the login route.

Header Protection: Added helmet to secure Express HTTP headers.

The Authentication API (Controllers & Routes)

Signup Flow: Hashes passwords using bcryptjs, checks for duplicate emails/usernames, and generates an initial verification token.

Signin Flow: Verifies credentials, checks if the account is activated, and issues a 24-hour JSON Web Token (JWT) for session management.

Account Verification: Built the GET /api/users/verify route that captures the token from the URL, updates the database, and serves a success HTML page.

Frontend Integration (HTML/JS)

CORS Configuration: Successfully bridged the gap between your local frontend and backend so they can securely talk to each other.

Login Interface: Created login.html and wired it up with login.js using the Fetch API to send credentials and handle server responses.

Token Storage: Programmed the frontend to securely catch the accessToken and store it in localStorage.

Protected Dashboard: Implemented frontend security in dashboard.js that automatically redirects unauthenticated users back to the login page if they try to bypass the system.

About

No description, website, or topics provided.

Resources

Stars

0 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors

Languages