Implement a complete authentication system with user registration, login, password hashing, JWT token generation, and password reset functionality.

Project Checklist

• Create user registration endpoint with email validation
• Implement secure password hashing using bcrypt
• Build login endpoint that returns JWT tokens
• Create middleware to protect routes requiring authentication
• Implement password reset flow with secure tokens
• Add email verification for new accounts

Bonus Project Checklist Items

• Add OAuth integration (Google, GitHub)
• Implement refresh token rotation
• Add rate limiting for login attempts
• Create session management
• Add two-factor authentication (2FA)

Inspiration (Any companies/libraries similar)

• Auth0
• Firebase Auth
• Clerk

Hint/Code snippet to start

const jwt = require('jsonwebtoken');
const bcrypt = require('bcrypt');

async function registerUser(email, password) {
  const hashedPassword = await bcrypt.hash(password, 10);
  const user = await db.users.create({ email, password: hashedPassword });
  return user;
}

function generateToken(userId) {
  return jwt.sign({ userId }, process.env.JWT_SECRET, { expiresIn: '24h' });
}