A complete authentication system built with the MERN Stack featuring secure JWT-based authentication, email verification using OTP, password reset flow, and protected routes.
This project demonstrates real-world authentication architecture used in production applications.
-
π Frontend (Vercel)
π https://authentication-system-kohl.vercel.app -
βοΈ Backend API (Render)
π https://authenticationsystem-illr.onrender.com
π Add images inside a
screenshots/folder
-
π Home Page
-
π Login Page
-
π Register Page
-
π Password Reset
- β User Registration with Email & Password
- β Secure Login using JWT Authentication
- β Email Verification via OTP (NodeMailer + Brevo SMTP)
- β Forgot Password & Reset Password using OTP
- β HTTP-Only Cookies for JWT (XSS Protection)
- β Protected Routes (Backend Middleware)
- β Context API for Global Auth State
- β Fully Responsive UI (Tailwind CSS)
- β Production-ready deployment (Render + Vercel)
- βοΈ React (Vite)
- π Axios
- π§ Context API
- π¨ Tailwind CSS
- π React Toastify
- π’ Node.js
- π Express.js
- π MongoDB + Mongoose
- π JWT Authentication
- π bcrypt.js (Password Hashing)
- βοΈ NodeMailer (Email OTP)
- πͺ Cookie Parser
- π CORS Configuration
- Frontend β Vercel
- Backend β Render
- Database β MongoDB Atlas
- User signs up with name, email, password
- Password hashed using bcrypt
- JWT generated and stored in HTTP-only cookie
- Verification OTP sent via email
- OTP sent to registered email
- OTP validated with expiry check
- Account marked as verified
- Credentials validated
- JWT generated and stored securely
- User session maintained via cookies
- User requests reset via email
- OTP sent to email
- OTP verified
- Password updated securely
AuthenticationSystem/
β
βββ backend/
β βββ controllers/
β βββ middleware/
β βββ models/
β βββ routes/
β βββ config/
β βββ server.js
β
βββ frontend/
β βββ src/
β β βββ pages/
β β βββ context/
β β βββ components/
β β βββ assets/
β βββ main.jsx
β
βββ README.md
MONGODB_URI=your_mongodb_uri
JWT_SECRET=your_jwt_secret
NODE_ENV=production
SMTP_USER=your_smtp_user
SMTP_PASS=your_smtp_password
SENDER_EMAIL=your_email
VITE_BACKEND_URL=https://authenticationsystem-illr.onrender.com
git clone https://github.com/amit77t/AuthenticationSystem.git cd AuthenticationSystem
cd backend
npm install
npm run server
cd frontend
npm install
npm run dev
-
π Password hashing with bcrypt
-
πͺ HTTP-only JWT cookies
-
π Strict CORS configuration
-
β± OTP expiration handling
-
π« Sensitive data stored in environment variables
-
π Refresh Token implementation
-
π± Google / GitHub OAuth
-
π§βπΌ User Dashboard
-
π§ͺ Unit & Integration Testing
-
π Role-based Authorization
Amit Chaurasia
-
If you like this project:
-
β Star the repository
-
π΄ Fork it
-
π’ Share it