fix: secure authentication — password hashing + email validation improvements #96

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Open

Sumukhapb wants to merge 1 commit into Nikhil-2002:main from Sumukhapb:secure-authentication

Sumukhapb commented Oct 27, 2025

Improved Authentication Security

This PR enhances the /signup route by introducing proper security and validation measures.

Key Changes:

Added bcrypt hashing for storing passwords securely
Added email format validation to prevent invalid signup data
Removed sensitive console logs for better security and privacy
Improved readability and error handling response messages

Why These Changes Are Important

Storing plain text passwords is unsafe and a major security risk
Backend should validate email format before creating accounts
Prevents accidental logging of user credentials in server console

Note
If possible, please add hacktoberfest-accepted label ✅
This contribution aims to improve security and backend reliability for the project.

Thank you for maintaining this repo! 🙌


          fix: secure signup using bcrypt hashing + email validation

69d1304

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet