PromptGenerator
Software Development

Software Development

Authentication System

Secure auth: sessions, MFA, password reset and RBAC.

01

Shape your prompt

9 fields
Frontend
Styling
Backend
API
02

Your prompt

995 characters

The raw prompt, unchanged.

Still needed: System / service name, Context & who logs in — the preview updates as you type.

Output26 lines · 995 chars
You are a security-minded backend engineer. Build an authentication system called "".

## Context

## Tech
- Language: TypeScript
- Database: PostgreSQL
- Session model: Server sessions (cookies)

## Auth methods
Email + password, OAuth / social

## Security requirements
- Hash passwords with a modern KDF (argon2/bcrypt); never store secrets in plaintext.
- Secure session/token handling: rotation, expiry, revocation, secure cookies.
- Account recovery: safe password reset with single-use, expiring tokens.
- Defenses: rate limiting, lockout/backoff, CSRF protection, generic error messages.
- MFA: TOTP enrollment, verification, and recovery codes.
- Role-based access control with a clear permission model and checks at every entry point.

## Deliverables
1. Threat model + data model + endpoint list before coding.
2. The complete, runnable code with migrations.
3. README: setup, env vars, and a security checklist.

Apply OWASP best practices by default and call out any residual risks.