Feat: Feature signup page (Create SignUp Page & Integrate Backend API) [Issue #57]

[Rohanrathod7]

Signup

---

Closes #57

Feature Implementation - Walkthrough

Key Changes

Frontend (LocalMind-Frontend)

• **New UI Design

sign**: Implemented a modern, split-screen split layout with a promotional image and a clean form interface using SignUp.tsx.

• Validation: Added comprehensive Zod schema validation:
  • Strict password rules (min 8 chars, uppercase, lowercase, number, special char).
  • Field validation for Email, Birth Place, Location.
  • Optional Role field added.
• API Integration: Aligned endpoints with backend:
  • Register: POST /api/v1/auth/signup
• Testing:
  • Set up Vitest framework.
  • Added unit tests for Zod schema (signUpSchema.test.ts) covering 18 scenarios.

Backend (LocalMind-Backend)

• Endpoints: Verified and documented POST /api/v1/auth/signup.
• Validation:
  • Ensured user.validator.ts matches frontend rules.
  • Confirmed firstName is used consistently (replaced fullName).
• Testing:
  • Added Jest integration tests (user.test.ts) for:
    • User registration success.
    • Duplicate email handling.
    • Password strength validation (5 refusal cases).
    • Input edge cases (empty fields, max length).

Documentation

• Created signup_dataflow.md detailing the architecture.
• Added Postman Collection with 13 test cases.

---

🧪 Verification Results

Automatic Tests

• Frontend: 18/18 Tests Passed (Vitest)
• Backend: 15+ Tests Passed (Jest)

Manual Verification

• Postman: Validated all 13 scenarios (Success, Duplicates, Validation Errors).
• Type Check: Frontend and Backend checks verified.

---

PR Checklist

• Frontend Code Implemented
• Backend Validation Aligned
• Tests Added & Passing
• Documentation Updated
• Type Check Passed

[gemini-code-assist]

Summary of Changes

Hello @Rohanrathod7, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces a complete signup feature, enabling new user registration for the application. It encompasses a modern UI design, robust client-side and server-side validation using Zod, secure password hashing, and seamless API integration. The changes are thoroughly tested with both unit and integration tests, and comprehensive documentation is provided to explain the data flow and architecture.

Highlights

• Feature Implementation: Signup Page: A new signup page has been implemented, covering both frontend and backend aspects, allowing users to register with robust validation and secure password handling.
• Comprehensive Validation: Client-side validation is handled using Zod, ensuring strict password rules (min 8 chars, uppercase, lowercase, number, special char) and field validation for email, birth place, and location. Backend validation is aligned with these rules for consistency and security.
• API Integration & Alignment: The frontend is integrated with the backend's new /api/v1/auth/signup endpoint. The API configuration is centralized, and the backend now includes CORS support.
• Extensive Testing: Frontend unit tests for the Zod schema (18 scenarios) are set up with Vitest. Backend integration tests (15+ scenarios) are implemented with Jest, covering user registration, duplicate email handling, password strength, and input edge cases.
• Detailed Documentation: A new markdown file, signup_dataflow.md, has been created to detail the architecture, step-by-step data flow, data transformation, and error handling for the signup feature. The Postman collection has also been updated with 13 test cases for authentication endpoints.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces a comprehensive signup feature, including frontend UI, backend API integration, and extensive testing. The implementation is solid, with good separation of concerns and thorough test coverage. My feedback focuses on improving security, consistency, and test reliability. Key points include tightening the CORS policy, aligning validation logic between tests and implementation, and improving the robustness of integration tests. Overall, this is a great contribution that significantly advances the project's user authentication capabilities.

[gemini-code-assist]

The password validation regex in this test file is different from the one used in the SignUp.tsx component and the backend validator. This test uses /[@$!%*?&]/, while the component and backend use the more comprehensive /[!@#$%^&*(),.?":{}|<>]/. This discrepancy means your tests are not accurately validating the same password policy that is enforced in the application, which could lead to valid passwords being rejected by tests or vice-versa. Please update the regex in this test file to match the one in SignUp.tsx.

Suggested change

	password: z
	.string()
	.min(8, 'Password must be at least 8 characters')
	.max(128, 'Password must be less than 128 characters')
	.regex(/[A-Z]/, 'Must contain uppercase letter')
	.regex(/[a-z]/, 'Must contain lowercase letter')
	.regex(/[0-9]/, 'Must contain a number')
	.regex(/[@$!%*?&]/, 'Must contain special character'),
	password: z
	.string()
	.min(8, 'Password must be at least 8 characters')
	.max(128, 'Password must be less than 128 characters')
	.regex(/[A-Z]/, 'Must contain uppercase letter')
	.regex(/[a-z]/, 'Must contain lowercase letter')
	.regex(/[0-9]/, 'Must contain a number')
	.regex(/[!@#$%^&*(),.?":{}|<>]/, 'Must contain special character'),

[gemini-code-assist]

The current CORS configuration is too permissive for a production environment. Using origin: true reflects the request's origin, which can introduce security risks by allowing requests from any domain. It is highly recommended to restrict this to a specific list of allowed origins, preferably loaded from an environment variable.

Suggested change

	app.use(cors({ origin: true, credentials: true }))
	app.use(cors({ origin: [env.FRONTEND_URL], credentials: true }))

[gemini-code-assist]

This test for a successful login is a bit fragile. It includes conditional logic and a console.log to handle the case where the test user might not exist. A better practice for integration tests is to ensure a consistent state before each test run.

Consider using a beforeAll or beforeEach hook to create the necessary test user. This will make your test more deterministic and remove the need for conditional logic and logging within the test itself.

For example:

describe('Login Endpoint Tests', () => {
  const loginTestEmail = env.YOUR_EMAIL || 'test@example.com';
  const validPassword = 'Test@1234';

  beforeAll(async () => {
    // Ensure the test user exists, create if not.
    await UserUtils.ensureTestUserExists(loginTestEmail, validPassword);
  });

  it('should successfully login with valid credentials', async () => {
    const res = await axios.post(`${API_URL}/user/login`, {
      email: loginTestEmail,
      password: validPassword,
    });

    expect(res.status).toBe(200);
    expect(res.data).toBeDefined();
    expect(res.data.message).toBeDefined();
  }, 10000);

  // ... other tests
});

[gemini-code-assist]

The response example for the "Register User" endpoint shows the user data under a user key. However, the corresponding backend test (user.test.ts) asserts that this data is under a userObj key. Please ensure the documentation matches the actual API response for consistency.

Suggested change

	"data": {
	"userId": "abc123",
	"username": "john_doe",
	"email": "john@example.com",
	"user": {
	"firstName": "John",
	"email": "john@example.com",
	"role": "user",
	"createdAt": "2024-01-15T10:30:00Z"
	},
	"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
	}
	"data": {
	"userObj": {
	"firstName": "John",
	"email": "john@example.com",
	"role": "user",
	"createdAt": "2024-01-15T10:30:00Z"
	},
	"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
	}

[gemini-code-assist]

The form includes an input field for role, but the handleSubmit function hardcodes the role to 'user' in the payload sent to the backend. This is confusing for the user, as their input in the role field is ignored. If the role is not meant to be user-configurable during signup, this input field should be removed from the form to avoid confusion. After removing it, you may also want to adjust the grid layout for the 'Full Name' field to span the full width.

[gemini-code-assist]

The Zod schema for bio in this test file is missing the .min(5, ...) validation that is present in the SignUp.tsx component. This can lead to tests passing for inputs that would fail in the actual component. Please ensure the validation schemas are identical to maintain consistency between your tests and the implementation.

Suggested change

	bio: z.string().max(50, 'Bio must be less than 50 characters'),
	bio: z.string().min(5, 'Bio must be at least 5 characters').max(50, 'Bio must be less than 50 characters'),

[abhishek-nexgen-dev]

Create SignUp page Similar to Sign In page make sure the signup page match withLogin page

[abhishek-nexgen-dev]

Please make Ui Like this with some Improvement @Rohanrathod7

[Rohanrathod7]

Just Updated Sign up page it also includes a little Password Reset functionality code in the same branch.

Technically, the code works perfectly and I've resolved the merge conflicts with the latest master.

I actually have the full Password Reset feature ready in a separate branch with updated UI for forgot reset page #89

[abhishek-nexgen-dev]

@Rohanrathod7 add margin on top of the form and make sure the website is Fully Responsive in all screen size

[Rohanrathod7]

updated top margin and responsiveness