A modern, responsive landing page for a CMS platform featuring a comprehensive signup system with automated verification, password hashing, and reCAPTCHA security measures.
- Password Hashing: Secure password storage using bcrypt with 12 rounds
- Form Validation: Strong password requirements with Zod schema validation
- reCAPTCHA Protection: Google reCAPTCHA v2 integration for spam protection
- Email Verification: Automated email verification system
- Input Sanitization: Comprehensive form input validation
- Responsive Design: Mobile-first design that works on all devices
- Modern UI: Built with shadcn/ui components and Tailwind CSS
- Real-time Validation: Instant feedback on form inputs
- Loading States: Clear loading indicators during form submission
- Error Handling: User-friendly error messages and notifications
- Next.js 15: Latest version with App Router
- TypeScript: Full type safety throughout the application
- Server-Side API: RESTful API endpoints for signup and verification
- Email Integration: SMTP email sending with HTML templates
- Demo Mode: Works without external services for testing
- Node.js 18+ or Bun
- Git
-
Clone and setup the project:
git clone <repository-url> cd cms-landing-page bun install
-
Configure environment variables: Copy
.env.localand update with your values:# reCAPTCHA (optional for demo) NEXT_PUBLIC_RECAPTCHA_SITE_KEY=your_site_key RECAPTCHA_SECRET_KEY=your_secret_key # Email (optional for demo) SMTP_HOST=smtp.gmail.com SMTP_PORT=587 [email protected] SMTP_PASS=your_app_password # Security JWT_SECRET=your_random_secret BCRYPT_ROUNDS=12
-
Start the development server:
bun run dev
-
Open your browser: Navigate to
http://localhost:3000
- Go to Google reCAPTCHA
- Create a new site with reCAPTCHA v2
- Add your domain (localhost:3000 for development)
- Copy the site key and secret key to your
.env.local
For Gmail:
- Enable 2-factor authentication
- Generate an app password
- Use the app password in
SMTP_PASS
Creates a new user account with email verification.
Request Body:
{
"name": "John Doe",
"email": "[email protected]",
"password": "SecurePass123!",
"confirmPassword": "SecurePass123!",
"acceptTerms": true,
"recaptchaToken": "token_from_recaptcha"
}Response:
{
"success": true,
"message": "Account created successfully!",
"emailSent": true
}Verifies a user's email address using the verification token.
Response:
{
"success": true,
"message": "Email verified successfully!",
"verified": true
}- Minimum 8 characters
- At least one uppercase letter
- At least one lowercase letter
- At least one number
- At least one special character
- Uses bcrypt with 12 rounds (configurable)
- Salted hashing for maximum security
- No plain text passwords stored
- Prevents automated bot signups
- Score-based verification (threshold: 0.5)
- Graceful fallback when not configured
- Unique verification tokens
- HTML email templates
- Automatic token cleanup after verification
- Next.js 15 with App Router
- React Hook Form for form management
- Zod for schema validation
- shadcn/ui for components
- Tailwind CSS for styling
- TypeScript for type safety
- Next.js API Routes for server-side logic
- bcrypt for password hashing
- nodemailer for email sending
- In-memory database for demo (easily replaceable)
cms-landing-page/
βββ src/
β βββ app/
β β βββ api/
β β β βββ signup/route.ts
β β β βββ verify-email/route.ts
β β βββ verify-email/page.tsx
β β βββ layout.tsx
β β βββ page.tsx
β βββ components/
β β βββ ui/ # shadcn/ui components
β β βββ signup-form.tsx
β β βββ demo-notice.tsx
β βββ lib/
β βββ auth.ts # Authentication utilities
β βββ database.ts # Database abstraction
β βββ email.ts # Email sending
β βββ recaptcha.ts # reCAPTCHA verification
β βββ utils.ts # Utility functions
βββ .env.local # Environment variables
βββ package.json
- Fill out the signup form with various inputs
- Test password validation requirements
- Try submitting without reCAPTCHA (if enabled)
- Check email verification flow
- Test responsive design on different devices
The application uses an in-memory database, so all data resets when the server restarts.
Replace the in-memory database with a real database:
- PostgreSQL (recommended)
- MongoDB
- MySQL
Consider using:
- SendGrid
- Mailgun
- Amazon SES
- Rate limiting
- CSRF protection
- Input sanitization
- SQL injection prevention (with real database)
next- React frameworkreact- UI librarytypescript- Type safetytailwindcss- Styling@shadcn/ui- UI components
bcryptjs- Password hashingzod- Schema validationreact-google-recaptcha- reCAPTCHA integration
react-hook-form- Form management@hookform/resolvers- Form validation
nodemailer- Email sending
lucide-react- Iconssonner- Toast notifications
- Fork the repository
- Create a feature branch
- Make your changes
- Test thoroughly
- Submit a pull request
This project is licensed under the MIT License - see the LICENSE file for details.
If you encounter any issues:
- Check the environment variables are configured correctly
- Ensure all dependencies are installed
- Check the browser console for errors
- Review the server logs
For additional help, please open an issue in the repository.