Description

Adverto is an application for posting and reading advertisements, built using serverless architecture. I created this application within my Bachelor's Thesis and the main focus was on features regarding authentication and authorization, such as: - login - signup - email verification - role based access control - Google SSO - phone number verification - two factor authentication (via SMS) - password reset

The application distinguishes three roles: unauthenticated user, advertiser and administrator. Within the initial page, all users can see all advertisements, sorted by creation date so that the newest ads appear at the top. Each advertisement displays information about the advertiser (profile picture, email address, first name and last name), as well as information about the ad itself (title, description, price and optional image if available). By clicking on the advertiser's name, profile picture, users are redirected to the advertiser's profile. Within the advertiser's profile, their information (profile picture, email address, first name and last name) is shown, along with all their advertisements, sorted by creation date so that the newest ads appear at the top. All the data displayed on the initial page is also shown within each ad.

Users register by filling out a registration form or by using their Google account (Single Sign-On). When registering through the form, users enter their email, first name, last name and password. They then receive a verification code via email. Logging into the system involves entering an email and password and if two-factor authentication is enabled, users also enter a security code received via SMS. On the login page, users have the option to recover their account in case of a forgotten password. Account recovery works by sending a security code to the provided email address. The user then sends this code along with a new password to verify the change.

Advertisers have the ability to create their own ads by entering a title, description, price and optional image. Additionally, they can edit and delete their ads. Within the profile settings page, advertisers can change their profile picture and personal details (first name, last name and phone number). They also have the option to verify their phone number for two-factor authentication via SMS. Phone number verification involves entering a security code sent to the phone via SMS. Two-factor authentication can be enabled or disabled within the profile settings page. On the same page, users can also change their password. They receive a security code via email, which they send along with the new password to verify the change.

Advertisers can become administrators through the console by being added to the administrator group. This grants them additional capabilities to block and unblock users, as well as delete ads that seem inappropriate.