GitHub

Project for GovTech TAP assessment.

Hosted on https://scoreify-749378919199.asia-east1.run.app/. Next.js, Google Cloud Run, Fly Postgres.

The admin account has credentials

username: administrator
password: administrator

Only this account can clear all data (it's a button at the bottom of the page). Clear all data will also delete all previously created accounts except for the administrator account.

The SQL queries in actions.ts are parameterised and thus not vulnerable to injection. See https://www.youtube.com/watch?v=2Ggf45daK7k

Lucia is used for authentication. Passwords are hashed using Argon2 before being stored.

Next.js provides CSRF protection out-of-the-box when using form actions, which are what we have used. Route handlers are not automatically protected, but we do not use any in this project.

Name		Name	Last commit message	Last commit date
Latest commit History 20 Commits
.vscode		.vscode
src		src
.eslintrc.json		.eslintrc.json
.gitignore		.gitignore
README.md		README.md
next.config.mjs		next.config.mjs
package-lock.json		package-lock.json
package.json		package.json
postcss.config.mjs		postcss.config.mjs
tailwind.config.ts		tailwind.config.ts
tsconfig.json		tsconfig.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

About

Uh oh!

Releases

Packages

Uh oh!

Languages

vlwk/scoreify

Folders and files

Latest commit

History

Repository files navigation

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Languages

Packages