1. User Registration

1. User Input Collection:
   • React: Form collects email and password.
2. Validation:
   • Client-side (React): Validates email format and password strength.
   • Server-side (Express.js): Uses express-validator to enforce rules and prevent invalid data.
3. Check for Existing Users:
   • MongoDB (Mongoose): Checks if the email already exists.
4. Password Hashing:
   • bcrypt: Hashes the password to ensure secure storage.
5. Save User:
   • Mongoose: Saves user details in MongoDB.
6. Response to Client:
   • Express.js: Sends success or error message back to React.

2. User Login

1. User Input Collection:
   • React: Form collects email and password.
2. Validation:
   • Client-side (React): Ensures fields are filled correctly.
   • Server-side (Express.js): Validates credentials.
3. User Lookup:
   • MongoDB (Mongoose): Finds user by email.
4. Password Verification:
   • bcrypt: Compares entered password with hashed password.
5. Token Generation:
   • jsonwebtoken: Generates a JWT containing user information.
6. Send Token to Client:
   • Express.js: Returns JWT to React for session management.

3. Forgot Password

1. Request Password Reset:
   • React: Form for entering the email.
2. Validation:
   • Express.js: Checks if the email exists in MongoDB.
3. Generate Reset Token:
   • crypto: Creates a secure token.
4. Store Token:
   • Mongoose: Stores token and expiry time in MongoDB.