Skip to content

Nisarsaeed/python-authentication-flow

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

34 Commits
backend
backend
Β 
Β 
frontend
frontend
Β 
Β 
README.md
README.md
Β 
Β 

Repository files navigation

πŸ” Full-Stack Authentication & User Management System

This project is a full-stack authentication and user management system built with:

  • Backend β†’ Flask (REST API with Flask-RESTX, JWT authentication, email OTP verification)
  • Frontend β†’ Next.js (React + Context API for global state management)
  • Database β†’ SQLite : Stores users, hashed passwords, profile pictures, OTPs, and tokens

It provides a production-grade authentication flow with login, registration, secure JWT sessions, email verification, and profile management.

πŸš€ Features

  • βœ… Secure JWT-based authentication (Access & Refresh tokens in HTTP-only cookies)
  • βœ… Email verification (OTP system) using Gmail SMTP
  • βœ… Profile picture upload and storage with database path reference
  • βœ… Session management with auto-refresh and logout handling
  • βœ… Role-based route protection (401 Unauthorized / 403 Forbidden separation)
  • βœ… Interactive Swagger API Docs (/docs) via Flask-RESTX
  • βœ… Frontend middleware to guard protected routes
  • βœ… Global auth state management using React Context
  • βœ… Resposive Desing Tailwind CSS for attractive and responsive design

2️⃣ Clone Repo

git clone https://github.com/Nisarsaeed/python-authentication-flow.git
cd python-authentication-flow

3 Backend Setup (Flask)

πŸ“Œ Requirements

  • Python 3.12
  • pip (Python package manager)

πŸ“¦ Install Dependencies

cd backend
python -m venv venv
venv\Scripts\activate
pip install -r requirements.txt

βš™οΈ Environment Variables

Create a .env file inside the backend/ folder with:

MAIL_USERNAME=youremailaddress
MAIL_PASSWORD=password
JWT_SECRET_KEY=your_random_secret_key

πŸ“Œ Notes

Use a Gmail App Password (16-digit code from Google β†’ Security β†’ App Passwords). Then add the generated credentials in the backend .env file

Run Backend

python app.py

backend will be live at http://127.0.0.1:5000/

4 Frontend Setup (NextJs + TypeScript)

πŸ“Œ Requirements

  • npm

πŸ“¦ Install Dependencies

cd frontend
npm install

Run Frontend

npm run dev

frontend will be live at http://localhost:3000/

πŸ”‘ Authentication Flow

User registers or logs in β†’ Backend issues Access Token (30 min) + Refresh Token (7 days) stored in HTTP-only cookies.

  1. Access token is used for API requests.

  2. If access token expires β†’ frontend automatically calls /auth/refresh-token.

  3. If refresh token expired β†’ user must log in again.

  4. Logout clears tokens from cookies and frontend state.

πŸ“€ Profile Picture Upload

  • User uploads image during registration/profile update.

  • File is stored in backend/uploads/.

  • Path saved in DB β†’ returned with user details.

  • Frontend loads the images using the /user/image/filename

Super Admin Credentials

Run the seed_super_admin.py file to create predefined super admin through credentials defined in the file

cd backend 
python seed_super_admin.py

About

Next + Flask Auth Flow. Watch Live Demo At: https://drive.google.com/file/d/18o2BIF2aIS9FU5rbF-nSClbNkLT77Ph6/view

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages