Authentication Project

Your project this week is to build a web app that authenticates users and stores user-specific data in a SQLite database.


Before you start writing features, you need to create a security plan. This should be a section that describes how you will secure your app and mitigate different potential attacks.

Questions to consider

  • Will you store session info in a cookie (stateless) or in your database (stateful)?
  • How will you check a user’s identity (authentication)?
  • How will you control what actions a user can take (authorization)?
  • How will you mitigate Cross-site Request Forgery (CSRF) attacks?

Useful resources

User stories


  • As a user, I want to: submit information to your site for anyone to see
  • As a user, I want to: come back to your site later and see what I posted is still there
  • As a user, I want to: be the only person allowed to delete my stuff
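
One way the "only I can delete my stuff" story can be enforced with stateful sessions in SQLite, shown as an added example that is not part of the original brief. The table names, column names and the `delete_post` helper are assumptions made for illustration; login and password checking are left out.

```python
import hmac
import secrets
import sqlite3

# Constructed schema for this example; all table and column names are assumptions.
SCHEMA = """
CREATE TABLE users    (id INTEGER PRIMARY KEY, name TEXT UNIQUE NOT NULL);
CREATE TABLE posts    (id INTEGER PRIMARY KEY, owner_id INTEGER NOT NULL REFERENCES users(id),
                       body TEXT NOT NULL);
CREATE TABLE sessions (sid TEXT PRIMARY KEY, user_id INTEGER NOT NULL REFERENCES users(id),
                       csrf TEXT NOT NULL);
"""

def open_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db

def create_session(db, user_id):
    """Stateful session: the cookie holds only a random id, the database holds the rest."""
    sid, csrf = secrets.token_urlsafe(32), secrets.token_urlsafe(32)
    db.execute("INSERT INTO sessions (sid, user_id, csrf) VALUES (?, ?, ?)", (sid, user_id, csrf))
    return sid, csrf  # sid goes in an HttpOnly cookie, csrf in a hidden form field

def delete_post(db, sid_cookie, csrf_field, post_id):
    """Return an HTTP-style status code for a delete request."""
    row = db.execute("SELECT user_id, csrf FROM sessions WHERE sid = ?",
                     (sid_cookie or "",)).fetchone()
    if row is None:
        return 401  # authentication: the cookie does not match a stored session
    user_id, csrf = row
    # CSRF: a cross-site form sends the cookie automatically but cannot read the token.
    if not hmac.compare_digest(csrf.encode(), (csrf_field or "").encode()):
        return 403
    # Authorization: ownership is part of the query, so another user's row never matches.
    cur = db.execute("DELETE FROM posts WHERE id = ? AND owner_id = ?", (post_id, user_id))
    return 204 if cur.rowcount == 1 else 404  # 404 also hides whether the post exists

def demo():
    db = open_db()
    db.execute("INSERT INTO users (id, name) VALUES (1, 'alice'), (2, 'bob')")  # constructed data
    db.execute("INSERT INTO posts (id, owner_id, body) VALUES (10, 1, 'alice post')")
    a_sid, a_csrf = create_session(db, 1)
    b_sid, b_csrf = create_session(db, 2)
    return [delete_post(db, None, None, 10),       # no session
            delete_post(db, b_sid, b_csrf, 10),    # bob targets alice's post
            delete_post(db, a_sid, "forged", 10),  # alice's cookie, wrong CSRF token
            delete_post(db, a_sid, a_csrf, 10)]    # alice deletes her own post

if __name__ == "__main__":
    print(demo())
```
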

Since this project is open-ended you’ll need to write your own more specific user stories once you know what you want to build.

Example project ideas

  • Founders & Coders book sharing system
  • Food / coffee recommendations around Founders & Coders
  • Founders & Coders events calendar

Acceptance Criteria

Stretch criteria