In summary this job, for the hired programmer, is to code and test a fully functioning social media website based on pre-defined requirements.
i. Is capable of registering new users requiring
a. Unique email address or social account (facebook, twitter, google, linkedin) with double-opt-in or click-link validation to confirm identity.
b. Unique username
c. Strong password (for email registrations)
d. Age validation feature (for email registrations)
e. Captcha/reCaptcha to submit, or alternative method to protect against bots
ii. Is capable of logging in existing users
a. Via the method they used to register (email/pswd, social)
b. Protection against brute force attacks with Captcha/reCaptcha or other solution after two failed login attempts
c. Temporary account lockout after five failed login attempts
d. Forgot/Reset Password feature via email
e. Tracking of all login attempts
iii. Has a Logout feature
a. Which redirects to the login page
iv. Secures and ensures access to site documents only to logged in users
v. Defends against possible attacks including but not limited to: SQL injections, Session Hijacking, Network Eavesdropping, Cross Site Scripting, Brute Force Attacks, CSRF Protection, etc..
vi. Is capable of supporting member types (i.e., Admin, Staff, Free, Paid)
vii. Is built to integrate with an external payment acceptance vendor for subscriptions as well as merchandise sales (i.e., Amazon, PayPal, etc.)
viii. Remaining requirements may be provided upon acceptance and execution of your NDA.
All passwords should be encrypted and passed securely, no plaintext. All pages should be secure (https) and all user sessions tracked.
Url’s of the site that are directly entered into a browser address bar by non logged in users redirects to the main landing page so that user may verify credentials and login for access to member areas.
All code should be written in a way that prevents code from being sent or displayed to end users in case of any errors. There should be a custom message that notifies the end user of an error along with a database table that tracks errors and notifies the site admin of these errors.
The domain for this project is hosted with AWS/S3. The selected programmer will be issued an AWS Identity and Access Management (IAM) user id with appropriate permissions as required to successfully perform your tasks for this project. You will work with us as the lead to create databases and respective users/passwords combinations as needed.
We believe this job requires the following minimum skills and understanding of each:
From the client perspective we are interested in working directly with an individual experienced programmer, vs. agency or freelancers representative, to develop and execute the requirements. We expect initial input from the freelancer in regard to the amount of effort and hours required to complete this work, an estimate of their total rate if flat-rate or their hourly rate based on the project as a whole, and if there are additional requirements the freelancer believes we have missed we expect them to include that within their proposal. We know what we want, but we are not programmers, so we are looking for somewhat of a partnership with a freelancer to complete the coding work while assisting us to clearly understand the scope of our requests. We will ask that you accept a non-disclosure agreement, and agree that this is work for hire, wherein all intellectual property including code, results, and work output from this contract is wholly owned by us.