Authentication
Guide to user authentication and security features in Kucska Bolka
Authentication in Kucska Bolka
Security is paramount in Kucska Bolka, especially for a university platform handling event data. We implement robust authentication mechanisms to protect user privacy and ensure only verified university members can access the platform.
Our authentication system supports multiple methods, including university email verification and social login options.
Email Verification
Secure sign-up with university domain validation.
Two-Factor Auth
Optional 2FA for enhanced account security.
Session Management
Automatic session handling and logout policies.
Signing Up
To join Kucska Bolka, users must verify their university affiliation through email.
Enter Details
Provide your name, university email, and password.
Verify Email
Click the verification link sent to your university email.
curl -X POST /api/auth/signup \
-H "Content-Type: application/json" \
-d '{
"email": "student@university.edu",
"password": "securePass123",
"universityId": "12345"
}'
# Verification step
curl -X POST /api/auth/verify \
-d "token=abc123def456"
Complete Profile
Add profile picture and interests to enhance discovery.
Students use their .edu email for automatic verification.
University staff follow the same process with additional role assignment.
Limited read-only access for non-university visitors.
Login Methods
We support various login methods to accommodate different user preferences.
| Method | Description | Security Level |
|---|---|---|
| Password | Standard email/password | Medium |
| Two-Factor | Password + SMS/App code | High |
| Social Login | Google/Microsoft accounts | Medium |
Security Best Practices
Protecting your account is crucial for maintaining privacy in a university setting.
# Example secure password check
import re
def is_strong_password(password):
return len(password) >= 8 and re.search(r'[A-Z]', password) and re.search(r'\d', password)
print(is_strong_password("SecurePass123")) # True
We recommend using unique passwords, enabling 2FA, and logging out from public devices.
Our platform uses industry-standard encryption and regular security audits to keep your data safe.