Skip to content

Latest commit

 

History

History
59 lines (46 loc) · 5 KB

README.md

File metadata and controls

59 lines (46 loc) · 5 KB

SKILL-TEST-WEBSITE

Andres Gutierrez Application

Fix verification issue on register and login.

The issue related to verification was due to the configuration of a valid email provider for sending emails. This involved changing the values either in the emailer service in the backend or in the environment variables.

Note

Regarding sensitive information exposed in environment variables such as API keys, improvements were made both in the backend (DB, emailer, etc.) and in the frontend (firebaseConfig), as can be seen in the repository commits.

Add current Eth price on profile page.

The current Ethereum price is added to the profile page by querying the asset and position in the WalletPortfolio view through props.tokensInfo. This was facilitated by adding the Ethereum network to the wallet table.

Note

Design patterns or database-driven dynamism could be applied to optimize blockchain network scaling.

Add Wallet connect on profile page.

Integrating WalletConnect functionality enables secure communication between wallets and Dapps. WalletConnect establishes a remote connection between two apps/devices, with data transmitted through a bridge server. The connection is initiated by one peer displaying a QR Code or deep link with a standard WalletConnect URI and is established when the counter-party approves the connection request.

Components: A "Connect with WalletConnect" button has been added to the wallet profile page. Evidence of the implementation can be found in repo commit and provided video.

Example URI: wc:e0d3bcf6-6727-4103-89a2-2d1ba7cd727b@1?bridge=https%3A%2F%2F3.bridge.walletconnect.org&key=8e5ed284153adab543b75f25093878593768eacfd618c5484b7d2987bb5fb9d6

Note

GENERAL: Remember to execute the updated scripts (new_mgldefi.sql) from the database to simulate the changes. Using the root user in MySQL is discouraged due to security risks. It's best practice to create separate users with specific permissions for each database task. This adheres to the principle of least privilege, enhances security, facilitates auditing, isolates system components, and simplifies scalability and maintenance. Storing credentials securely in a .env file adds an extra layer of protection against unauthorized access. For the operational convenience of the application, I've decided to retain the .env file within the project. it's important to upholding robust security practices, including the creation of distinct MySQL users with limited privileges:

-- Create a new user
CREATE USER 'myuser'@'localhost' IDENTIFIED BY 'mypassword';
-- Grant permissions to the user on a specific database
GRANT SELECT, INSERT, UPDATE, DELETE ON mydatabase.* TO 'myuser'@'localhost';
-- Flush privileges to apply changes
FLUSH PRIVILEGES;
Screencast.from.2024-03-17.02-19-26.webm