Projektplan - BackEndByAlex/Timelock GitHub Wiki
Project Name: Timelock
Student: Alexandru C.A
Contact Information: [email protected]
Project Start: 22-04-2025
Submission "to myself": 30-05-2025
Version: 1.0
This project was developed as part of my education to demonstrate understanding of modern web development techniques and microservice architecture. I chose to build a password management system because it covers many important aspects of web development - from security to database management.
The idea was to create something that would actually be useful while demonstrating technical skills I learned during the course. Plus, I needed a better solution for keeping track of all my passwords myself.
Develop a functional password management system that demonstrates:
- Microservice architecture with separate services
- Secure authentication and data management
- Web development with Node.js/Express
- Database communication with MongoDB
- Test-driven development and code quality
- Learn: Node.js, Express, MongoDB in depth
- Build: A working system with multiple components
- Understand: Security in web development
Timelock consists of three main components:
- Frontend app: User interface and presentation
- Auth service: User management and authentication
- Password service: Password storage and management
- My laptop + Node.js, MongoDB
- Free tools: Git, Docker, various npm packages, VS Code
- Google for OAuth
- Gmail for sending verification emails
- Estimated: Approximately 380 hours distributed over the course
- Reality: Probably more, since I'm learning everything while building
- "It worked yesterday": Git and backup are important
- Security vulnerabilities: Googled a lot and read documentation
- Time shortage: Prioritize core functions first
- MongoDB crashes: Have a backup plan
- Google OAuth stops working: Have regular login as backup
- Working code that you can actually run
- README files that explain how everything works
- Tests that show the code works
- Documentation for future me (or others who need to understand the code)
- Reflection on what went well/poorly and what I learned
- Added Docker-compose earlier: Turned out to be quite difficult than expected but very useful
- Focused more on security: Realized it was more important than I thought, a lot to read and understand
- Less time on design: Prioritized functionality over appearance during the course; it's planned to update the design with a new design created in Figma
- JWT handling between services
- Getting CSRF protection to work with sessions
- Docker configuration (Docker compose)
- CI/CD
- Firebase, i.e., Google login to work