How this registration and sign in system works
This system is a practice project where I practice encryption and think about security.
I don't have https setup on my server yet, so I implemented something in place of it.
System uses:
- RSA private-public key generation to hide information
- AES symetric keys to encrypt content larger than ~200 bytes
- Bcrypt Feistel cipher to store and compare passwords so even the db admins can't know your password
- Plain ECMAScript html/css/js no frontend frameworks
- Express framework running in nodejs backend
- pg connection pool to talk to postgres database
- SQL queries written out within js
- Bash shell scripts build pipelines
- Qunit to run tests in browser js
This is a flow diagram of signing in and looking at content after the system was developed much further
This is the system structure later while trying to make the system testable
A screenshot of qunit showing some testing from browser side js all the way to database tables.
