by Manthan Kumbhar | Budding Developer 🌱
Overview 🌐
Build a Notion clone to improve my skills and learn new stuff.
Functional requirements 🗒️
- new users should be able to register their account using their email ID & password
- existing users should be able to log in using their email ID & password
- users should be able to make a "forgot password" request, to get an email link to reset the password
Engineering Design 🎨
Hosting 📤
- Netlify
  - They are fast for frontend work
  - I already know the works and their server's uptime is great too.
- Heroku
  - Using it for all the backend work and database management
  - Mainly used for sending API calls, saving data, and authentication
Languages and framework ✍️
I'll be using React (JavaScript) for the frontend, Flask (Python) for the backend, and PostgreSQL for database management.
Solution Outline 💪
- Users can sign up or sign in to use the service
- While signing up, the user needs to enter their email and password. The password is hashed using Bcrypt at 10 hashes/sec, and then the data is pushed to the database
- Once a user is signed up, he/she is redirected to the protected route and given a pair of tokens (access and refresh), which are saved to the browser’s local storage. When the user tries to log in again, he/she is redirected to the protected route directly; these tokens are used to check whether the user is authenticated when they enter the protected route again
- The logic behind tokens is to not give a user lifetime access to the service. Every time a user logs in, he/she is given two tokens:
  - an access token that is valid for 30 minutes and plays the main role in user authentication
  - a refresh token that is valid for a year and is used to get a new set of tokens (access and refresh) whenever the access token expires
- The same logic applies when a user logs in, but here we just check whether the user exists in the database and then send out the pair of tokens (access and refresh); otherwise we send out errors
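
The access/refresh flow outlined above, as an added sketch that is not the project's own code: a standard-library HMAC-signed token stands in for whatever token library the Flask backend uses. All function names, the claim names (`sub`, `typ`, `exp`) and the `SECRET` value are hypothetical and constructed for illustration.

```python
import base64, hashlib, hmac, json

SECRET = b"constructed-demo-key"      # constructed value; assumption: real key comes from config
ACCESS_TTL = 30 * 60                  # access token: 30 minutes
REFRESH_TTL = 365 * 24 * 3600         # refresh token: one year


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _sign(body: str) -> str:
    return _b64(hmac.new(SECRET, body.encode(), hashlib.sha256).digest())


def make_token(email: str, kind: str, now: float) -> str:
    """Build '<claims>.<signature>' for an 'access' or 'refresh' token."""
    ttl = ACCESS_TTL if kind == "access" else REFRESH_TTL
    body = _b64(json.dumps({"sub": email, "typ": kind, "exp": now + ttl}).encode())
    return f"{body}.{_sign(body)}"


def verify(token: str, kind: str, now: float) -> dict:
    """Return the claims, or raise ValueError if the token must be rejected."""
    body, _, sig = token.partition(".")
    # Check the signature first, in constant time, before trusting any claim.
    if not hmac.compare_digest(sig.encode(), _sign(body).encode()):
        raise ValueError("bad signature")
    claims = json.loads(base64.urlsafe_b64decode(body + "=" * (-len(body) % 4)))
    if claims["typ"] != kind:         # an access token must never work as a refresh token
        raise ValueError("wrong token type")
    if now >= claims["exp"]:
        raise ValueError("expired")
    return claims


def issue_pair(email: str, now: float) -> dict:
    """Called after a successful sign-up or login."""
    return {"access": make_token(email, "access", now),
            "refresh": make_token(email, "refresh", now)}


def refresh(refresh_token: str, now: float) -> dict:
    """Exchange a valid refresh token for a new pair (access and refresh)."""
    claims = verify(refresh_token, "refresh", now)
    return issue_pair(claims["sub"], now)
```

Nothing is stored server-side in this sketch, so an old refresh token stays valid until its one-year expiry even after it has been exchanged. Revoking it on logout or after use requires recording token identifiers in the database.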