Check out the Issue Explorer
Looking to fund some work? You can submit a new Funded Issue here.
# End-to-end User Authentication for React and Express.js using passport.js
We are working on a dApp using React (for frontend) and Express.js (for node.js server). We are using [material UI theme for React](https://material-ui.com/). We want you to help us implement user authentication module (end-to-end) using [passport.js jwt-strategy](http://www.passportjs.org/packages/passport-jwt/).
We already have some implementation of the app. See components diagram below.
## How can you help?
Implement a simple user authentication system that keeps track of all registered users and allows access control to certain parts of the application. User Login is necessary to implement a personal credit or token score and potentially later personal consumer data or wiki edit logging. A User Login system will also provide a small but useful barrier to prevent malevolent attacks on the curation ecosystem.
This system is compromised of the following parts:
* A simple user interface that requests username*, email* and password*. (Login component of React). And option to reset password. (* are mandatory fields)
* A secure database that stores all user passwords and usernames within MongoDB. We already have mongodb setup. What you need is to create a collection ‘user’ and perform CRUD operations using [mongoose.js](https://mongoosejs.com/docs/)
* passport.js jwt-strategy based server side authentication.
We are assuming that by looking at the project structure you will have a pretty good idea where the implementation code should go. But, in case of any doubts we will help you.
- **Note** > The entire system will be Web2.0 with the datastore stored off-chain.
[Link to Github Repo](https://github.com/oceanprotocol/musicmap/)
## What needs to be done?
#### User interface
If the user ID already exists in the databse during register, an informative error message must be displayed. If the user gives in the wrong password /ID combination, a proper error message must be displayed. The user must have the option to request for a password reset when forgotten by email.
#### Passport.js integration
Implement passport.js using JWT strategy.
Connect the passport to the express.js back end.
More documentation can be found here: [http://www.passportjs.org/packages/passport-jwt/](http://www.passportjs.org/packages/passport-jwt/)
#### User Datastore
Create a scalable datastore for application users within Mongo DB.
Each user entry should have the following fields in collection **users**. Sample is shown below -
- The datastore should not allow any duplicate entries based on user ID.
- New users should be added to the database after registration in the interface.
- Password is updated whenever user updates the password.
#### Test coverage:
Related tests should be written using mocha for express.js and React UI tests using Jest
## We are very happy when
- [ ] User is able to register, login, change password using React UI component.
- [ ] User authentication is verified using passport.js jwt strategy on the server-side and appropriate error or success message is displayed on UI
- [ ] Corresponding entry is saved in mongodb using mongoose.js when user registers, logins, updates password etc.
- [ ] Test coverage for UI and Server-side test corresponding to this implementation is >70%
- [ ] code for this implementation is merged into master branch for this repo - https://github.com/oceanprotocol/musicmap/
**Note** > All PRs for this implementation goes in this repo:
## Seen this problem before?
Any help solving this is welcome. Feel free to leave any comments and help someone else to solve it. We might airdrop tokens to someone even if not directly completing bounty.
## Questions & Reviews
Pull requests will be reviewed by one of the maintainers or long-term contributors. In case of any additional questions feel free to ask in this thread and we will do our best to add the missing info :)
## Things to know
The bounty lifecycle process including payout will be managed using [Gitcoin](https://gitcoin.co/explorer?network=mainnet&keywords=oceanprotocol&order_by=-web3_created).
We'll be responding to your questions here, but for discussion and clarification we recommend to join also our [Gitter channel](https://gitter.im/oceanprotocol/Lobby) where our tech community is accessible.
In order to see the PROCN balance in your wallet you'll need to reference the related token contract with address _0xf2aabdd898a0139195b2b5da7387d43a45ded254_. If you use a Metamask plugin you'll find the the exact steps [here](https://metamask.zendesk.com/hc/en-us/articles/360015489011-Managing-ERC20-Tokens).
Lastly, even if it is a contest bounty, we will reward all valuable contributions and efforts. We greatly appreciate the value our open source community brings to Ocean and will always award some tokens to all great contributions! :smiley:
Once the project was reviewed and merged in the master branch, you will receive the reward. PROCN is a proto-Ocean token. Bounty hunters that earn PROCN will be able to convert them 1:1 to Ocean tokens on network launch (Ocean Token will be valued at at 0.22 EUR on network launch). Network launch is expected to happen by Mar 31, 2019. Until then PROCN will be locked and non-transferrable in the ETH wallet to which it is delivered to.