SecurePass Backend is the backend API for SecurePass, a password management system. This API provides endpoints for managing user accounts, password records, authentication, and more.
SecurePass is designed to securely store and manage passwords for various accounts and services. It offers features such as:
- User Authentication: Securely authenticate users to access their password vault.
- Account Management: Manage user accounts, including signup, sign-in, logout, and password management.
- Password Records: CRUD operations for password records, including adding, updating, deleting, and sharing.
- Security: Ensure secure storage and transmission of passwords and sensitive information.
SecurePass.Demo.mp4
- Application Architecture:
- Password Recovery:
- Vault Record Encryption:
These instructions will help you set up and run the SecurePass backend API on your local machine for development and testing purposes.
Make sure you have the following installed on your machine:
-
Clone the repository:
git clone https://github.com/ddas09/secure-pass.git
-
Navigate to the project directory:
cd secure-pass -
Set up the database:
- Create a PostgreSQL database for SecurePass.
- Update the connection string in the
appsettings.jsonfile with your PostgreSQL database credentials.
{ "ConnectionStrings": { "SecurePass": "<your-connection-string>" } } -
Update
appsettings.json:-
Token Secrets: Generate random secret keys for JWT token generation. You can use any secure random string generator online for this purpose. Update the
JwtConfigurationsection in theappsettings.jsonfile with your token secrets. -
Token Expirations: Adjust the different token expirations according to your needs.
{ "JwtConfiguration": { "SignupTokenExpirationTimeInMinutes": 180, "AccessTokenSecret": "<some-secret-key-generated-oneline>", "AccessTokenExpirationTimeInMinutes": 15, "RefreshTokenSecret": "<some-secret-key-generated-oneline>", "RefreshTokenExpirationTimeInMinutes": 30, "RecoveryTokenExpirationTimeInMinutes": 60, "IdentityTokenSecret": "<some-secret-key-generated-oneline>", "IdentityTokenExpirationTimeInMinutes": 15, "Issuer": "<url-of-token-issuer>", "Audience": "<url-of-audiences>" } }- Mail Configuration: Obtain an app password for Gmail using the instructions here. Update the
MailSettingssection in theappsettings.jsonfile with your Gmail credentials and app password.
{ "MailConfiguration": { "Mail": "<mail-id-for-sending-mail>", "DisplayName": "<mail-display-name>", "Password": "<secure-password>", "Host": "<host-of-mail-smtp>", "Username": "<mail-id-for-sending-mail>", "Port": "<mail-port>" } }- Hangfire Configuration: Choose hangfire credentials of your choice. This can be used to access the hangfire dashboad at this url -
http://localhost:5001/hangfire/dashboard.
{ "Hangfire": { "AdminUser": "<hangfire-username-of-your-choice>", "BasicAuthPass": "<hangfire-password-of-your-choice>" } } -
-
Install dependencies:
dotnet restore
To run the tests for SecurePass Backend, open a terminal or command prompt, navigate to the project directory, and run:
dotnet testTo run the backend API locally:
-
Ensure that your PostgreSQL server is running.
-
Run the API:
dotnet run-
Fork the repository.
-
Create a new branch:
git checkout -b feature/your-feature
-
Make your changes.
-
Commit your changes
git commit -a 'Add new feature' -
Push to the branch
git push origin feature/your-feature
-
Create a new Pull Request.
This project is open-source and licensed under the MIT License.
The API will be running at https://localhost:5001 by default.
Once the backend is running, you can access the API documentation (Swagger UI) at https://localhost:5001/swagger. This documentation provides details about the available endpoints and how to use them.