From cdc197458cb3de5d3c472a818e56b7ae294c70ab Mon Sep 17 00:00:00 2001
From: Timothy Miller <miller.tim108@gmail.com>
Date: Sat, 2 Apr 2022 13:01:55 -0400
Subject: [PATCH] reapply session auth changes

---
 api/requirements/dev.txt                 |   9 +
 api/requirements/prod.txt                |   9 +
 api/woeip/apps/core/forms.py             |   2 +
 api/woeip/settings.py                    |  33 +-
 api/woeip/urls.py                        |   5 +-
 nginx-proxy/Dockerfile                   |   3 +-
 web/package-lock.json                    | 116 ++++++-
 web/package.json                         |   4 +-
 web/src/App.js                           |  27 +-
 web/src/App.test.js                      |  42 +++
 web/src/api.util.js                      |  25 ++
 web/src/api.util.test.js                 |   6 +
 web/src/components/auth/boundary.js      |  27 ++
 web/src/components/auth/boundary.test.js |  50 +++
 web/src/components/auth/login.css        |   7 +
 web/src/components/auth/login.js         |  65 ++++
 web/src/components/auth/login.test.js    | 135 ++++++++
 web/src/components/auth/logout.js        |  34 ++
 web/src/components/auth/logout.test.js   | 102 ++++++
 web/src/components/auth/register.css     |   7 +
 web/src/components/auth/register.js      |  87 +++++
 web/src/components/auth/register.test.js | 159 +++++++++
 web/src/components/auth/tokenContext.js  |   7 +
 web/src/components/auth/utils.js         |  89 ++++++
 web/src/components/auth/utils.test.js    | 132 ++++++++
 web/src/components/home/index.js         |   9 +-
 web/src/components/home/index.test.js    |  20 +-
 web/src/components/home/welcome.css      |   3 +
 web/src/components/home/welcome.js       |  15 +
 web/src/components/map/box.js            |   3 +-
 web/src/components/nav/bar.js            |  19 +-
 web/src/components/nav/bar.test.js       |  31 +-
 web/src/components/nav/index.test.js     |  43 ++-
 web/src/components/nav/switch.js         |  34 +-
 web/src/components/ui/index.js           |   1 +
 web/src/components/upload/confirm.js     |  38 +--
 web/src/components/upload/drop.js        |   2 +-
 web/src/components/upload/index.js       |  57 ++--
 web/src/components/upload/utils.js       | 217 ++++++++++++-
 web/src/components/upload/utils.test.js  | 390 ++++++++++++++++++++++-
 40 files changed, 1965 insertions(+), 99 deletions(-)
 create mode 100644 api/woeip/apps/core/forms.py
 create mode 100644 web/src/components/auth/boundary.js
 create mode 100644 web/src/components/auth/boundary.test.js
 create mode 100644 web/src/components/auth/login.css
 create mode 100644 web/src/components/auth/login.js
 create mode 100644 web/src/components/auth/login.test.js
 create mode 100644 web/src/components/auth/logout.js
 create mode 100644 web/src/components/auth/logout.test.js
 create mode 100644 web/src/components/auth/register.css
 create mode 100644 web/src/components/auth/register.js
 create mode 100644 web/src/components/auth/register.test.js
 create mode 100644 web/src/components/auth/tokenContext.js
 create mode 100644 web/src/components/auth/utils.js
 create mode 100644 web/src/components/auth/utils.test.js
 create mode 100644 web/src/components/home/welcome.css
 create mode 100644 web/src/components/home/welcome.js

diff --git a/api/requirements/dev.txt b/api/requirements/dev.txt
index b7b9ec3d..ca12dccc 100644
--- a/api/requirements/dev.txt
+++ b/api/requirements/dev.txt
@@ -10,8 +10,13 @@ charset-normalizer==2.0.12
 coreapi==2.3.3
 coreschema==0.0.4
 coverage==6.3.2
+cryptography==36.0.1
+defusedxml==0.7.1
+dj-rest-auth==2.2.3
 Django==3.2.12
+django-allauth==0.49.0
 django-boto==0.3.12
+django-cors-headers==3.11.0
 django-debug-toolbar==3.2.4
 django-environ==0.8.1
 django-extensions==3.1.5
@@ -34,19 +39,23 @@ MarkupSafe==2.1.0
 mypy==0.931
 mypy-extensions==0.4.3
 numpy==1.22.2
+oauthlib==3.2.0
 packaging==21.3
 pandas==1.4.1
 pluggy==1.0.0
 psycopg2-binary==2.9.3
 py==1.11.0
 pycparser==2.21
+PyJWT==2.3.0
 pynmea2==1.18.0
 pyparsing==3.0.7
 pytest==7.0.1
 pytest-django==4.5.2
 python-dateutil==2.8.2
+python3-openid==3.2.0
 pytz==2021.3
 requests==2.27.1
+requests-oauthlib==1.3.1
 ruamel.yaml==0.17.21
 ruamel.yaml.clib==0.2.6
 six==1.16.0
diff --git a/api/requirements/prod.txt b/api/requirements/prod.txt
index 626609db..bd061c89 100644
--- a/api/requirements/prod.txt
+++ b/api/requirements/prod.txt
@@ -7,8 +7,13 @@ cffi==1.15.0
 charset-normalizer==2.0.12
 coreapi==2.3.3
 coreschema==0.0.4
+cryptography==36.0.1
+defusedxml==0.7.1
+dj-rest-auth==2.2.3
 Django==3.2.12
+django-allauth==0.49.0
 django-boto==0.3.12
+django-cors-headers==3.11.0
 django-environ==0.8.1
 django-extensions==3.1.5
 django-model-utils==4.2.0
@@ -24,15 +29,19 @@ itypes==1.2.0
 Jinja2==3.0.3
 MarkupSafe==2.1.0
 numpy==1.22.2
+oauthlib==3.2.0
 packaging==21.3
 pandas==1.4.1
 psycopg2-binary==2.9.3
 pycparser==2.21
+PyJWT==2.3.0
 pynmea2==1.18.0
 pyparsing==3.0.7
 python-dateutil==2.8.2
+python3-openid==3.2.0
 pytz==2021.3
 requests==2.27.1
+requests-oauthlib==1.3.1
 ruamel.yaml==0.17.21
 ruamel.yaml.clib==0.2.6
 six==1.16.0
diff --git a/api/woeip/apps/core/forms.py b/api/woeip/apps/core/forms.py
new file mode 100644
index 00000000..0c9508b4
--- /dev/null
+++ b/api/woeip/apps/core/forms.py
@@ -0,0 +1,2 @@
+from django import forms
+from django.contrib.auth.forms import UserChangeForm, UserCreationForm
diff --git a/api/woeip/settings.py b/api/woeip/settings.py
index 73cda9a1..5bdb66dd 100644
--- a/api/woeip/settings.py
+++ b/api/woeip/settings.py
@@ -30,7 +30,7 @@
     "django.contrib.gis",
 ]
 
-THIRD_PARTY_APPS = ["django_extensions", "rest_framework", "storages", "drf_yasg"]
+THIRD_PARTY_APPS = ["corsheaders", "django_extensions", "rest_framework", 'rest_framework.authtoken', "dj_rest_auth", "allauth", 'allauth.account', 'allauth.socialaccount', 'dj_rest_auth.registration', "storages", "drf_yasg"]
 
 LOCAL_APPS = ["woeip.apps.core", "woeip.apps.air_quality"]
 
@@ -57,6 +57,7 @@
 
 
 MIDDLEWARE = [
+    "corsheaders.middleware.CorsMiddleware",
     "django.middleware.security.SecurityMiddleware",
     "django.contrib.sessions.middleware.SessionMiddleware",
     "django.middleware.common.CommonMiddleware",
@@ -67,6 +68,33 @@
     "django.contrib.flatpages.middleware.FlatpageFallbackMiddleware",
 ]
 
+REST_FRAMEWORK = {
+    'DATETIME_FORMAT': "%m/%d/%Y %I:%M%P",
+    'DEFAULT_AUTHENTICATION_CLASSES': [
+        'rest_framework.authentication.TokenAuthentication',
+        ],
+    'DEFAULT_PERMISSION_CLASSES': [
+        'rest_framework.permissions.IsAuthenticatedOrReadOnly',
+    ]
+}
+
+AUTHENTICATION_BACKENDS = (
+    "django.contrib.auth.backends.ModelBackend",
+    "allauth.account.auth_backends.AuthenticationBackend",
+)
+
+ACCOUNT_EMAIL_REQUIRED = True
+ACCOUNT_UNIQUE_EMAIL = True
+ACCOUNT_USERNAME_REQUIRED = False
+ACCOUNT_AUTHENTICATION_METHOD = 'email'
+
+CORS_ALLOWED_ORIGINS = [
+    "http://lvh.me",
+    "https://woaq.org",
+    "http://localhost:3000",
+    "http://127.0.0.1:3000",
+]
+
 ROOT_URLCONF = "woeip.urls"
 
 TEMPLATES = [
@@ -192,8 +220,5 @@ def generate_file_handler(filename):
     },
 }
 
-LOGIN_REDIRECT_URL = "upload"
-LOGOUT_REDIRECT_URL = "login"
-
 EMAIL_BACKEND = "django.core.mail.backends.filebased.EmailBackend"
 EMAIL_FILE_PATH = str(project_root.path("sent_emails"))
diff --git a/api/woeip/urls.py b/api/woeip/urls.py
index b1643cd3..1aab468e 100644
--- a/api/woeip/urls.py
+++ b/api/woeip/urls.py
@@ -18,13 +18,14 @@
 router.register(r"pollutant_values", views.PollutantValueViewSet)
 router.register(r"sensors", views.SensorViewSet)
 router.register(r"timegeo", views.TimeGeoViewSet)
-router.register(r"users", core_views.UserViewSet)
+# router.register(r"users", core_views.UserViewSet) # Disable to prevent personal information leaking
 
 
 urlpatterns = [
     path("", include(router.urls)),
     path("admin/", admin.site.urls),
-    path("api-auth/", include("rest_framework.urls", namespace="rest_framework")),
+    path("auth/", include("dj_rest_auth.urls")),
+    path("auth/register/", include('dj_rest_auth.registration.urls')),
 ]
 
 urlpatterns += swagger_urlpatterns
diff --git a/nginx-proxy/Dockerfile b/nginx-proxy/Dockerfile
index dbc2d10a..ef879baa 100644
--- a/nginx-proxy/Dockerfile
+++ b/nginx-proxy/Dockerfile
@@ -1,4 +1,3 @@
 FROM jwilder/nginx-proxy
 ARG API_DOMAIN
-COPY cors.conf /etc/nginx/vhost.d/$API_DOMAIN
-COPY api_static_assets_routing /etc/nginx/vhost.d/${API_DOMAIN}_location
\ No newline at end of file
+COPY api_static_assets_routing /etc/nginx/vhost.d/${API_DOMAIN}_location
diff --git a/web/package-lock.json b/web/package-lock.json
index beeb8a66..22e2433d 100644
--- a/web/package-lock.json
+++ b/web/package-lock.json
@@ -26,7 +26,9 @@
       "devDependencies": {
         "@testing-library/jest-dom": "^5.11.9",
         "@testing-library/react": "^11.2.5",
-        "@testing-library/user-event": "^12.7.1",
+        "@testing-library/user-event": "^12.8.3",
+        "@types/react": "^17.0.39",
+        "@types/react-router-dom": "^5.3.3",
         "@typescript-eslint/parser": "^4.15.1",
         "eslint-config-prettier": "^7.2.0",
         "eslint-plugin-prettier": "^3.3.1",
@@ -3101,6 +3103,12 @@
         "@types/node": "*"
       }
     },
+    "node_modules/@types/history": {
+      "version": "4.7.11",
+      "resolved": "https://registry.npmjs.org/@types/history/-/history-4.7.11.tgz",
+      "integrity": "sha512-qjDJRrmvBMiTx+jyLxvLfJU7UznFuokDv4f3WRuriHKERccVpFU+8XMQUAbDzoiJCsmexxRExQeMwwCdamSKDA==",
+      "dev": true
+    },
     "node_modules/@types/html-minifier-terser": {
       "version": "5.1.2",
       "resolved": "https://registry.npmjs.org/@types/html-minifier-terser/-/html-minifier-terser-5.1.2.tgz",
@@ -3196,11 +3204,49 @@
       "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.4.4.tgz",
       "integrity": "sha512-ReVR2rLTV1kvtlWFyuot+d1pkpG2Fw/XKE3PDAdj57rbM97ttSp9JZ2UsP+2EHTylra9cUf6JA7tGwW1INzUrA=="
     },
+    "node_modules/@types/prop-types": {
+      "version": "15.7.4",
+      "resolved": "https://registry.npmjs.org/@types/prop-types/-/prop-types-15.7.4.tgz",
+      "integrity": "sha512-rZ5drC/jWjrArrS8BR6SIr4cWpW09RNTYt9AMZo3Jwwif+iacXAqgVjm0B0Bv/S1jhDXKHqRVNCbACkJ89RAnQ==",
+      "dev": true
+    },
     "node_modules/@types/q": {
       "version": "1.5.5",
       "resolved": "https://registry.npmjs.org/@types/q/-/q-1.5.5.tgz",
       "integrity": "sha512-L28j2FcJfSZOnL1WBjDYp2vUHCeIFlyYI/53EwD/rKUBQ7MtUUfbQWiyKJGpcnv4/WgrhWsFKrcPstcAt/J0tQ=="
     },
+    "node_modules/@types/react": {
+      "version": "17.0.39",
+      "resolved": "https://registry.npmjs.org/@types/react/-/react-17.0.39.tgz",
+      "integrity": "sha512-UVavlfAxDd/AgAacMa60Azl7ygyQNRwC/DsHZmKgNvPmRR5p70AJ5Q9EAmL2NWOJmeV+vVUI4IAP7GZrN8h8Ug==",
+      "dev": true,
+      "dependencies": {
+        "@types/prop-types": "*",
+        "@types/scheduler": "*",
+        "csstype": "^3.0.2"
+      }
+    },
+    "node_modules/@types/react-router": {
+      "version": "5.1.18",
+      "resolved": "https://registry.npmjs.org/@types/react-router/-/react-router-5.1.18.tgz",
+      "integrity": "sha512-YYknwy0D0iOwKQgz9v8nOzt2J6l4gouBmDnWqUUznltOTaon+r8US8ky8HvN0tXvc38U9m6z/t2RsVsnd1zM0g==",
+      "dev": true,
+      "dependencies": {
+        "@types/history": "^4.7.11",
+        "@types/react": "*"
+      }
+    },
+    "node_modules/@types/react-router-dom": {
+      "version": "5.3.3",
+      "resolved": "https://registry.npmjs.org/@types/react-router-dom/-/react-router-dom-5.3.3.tgz",
+      "integrity": "sha512-kpqnYK4wcdm5UaWI3fLcELopqLrHgLqNsdpHauzlQktfkHL3npOSwtj1Uz9oKBAzs7lFtVkV8j83voAz2D8fhw==",
+      "dev": true,
+      "dependencies": {
+        "@types/history": "^4.7.11",
+        "@types/react": "*",
+        "@types/react-router": "*"
+      }
+    },
     "node_modules/@types/resolve": {
       "version": "0.0.8",
       "resolved": "https://registry.npmjs.org/@types/resolve/-/resolve-0.0.8.tgz",
@@ -3209,6 +3255,12 @@
         "@types/node": "*"
       }
     },
+    "node_modules/@types/scheduler": {
+      "version": "0.16.2",
+      "resolved": "https://registry.npmjs.org/@types/scheduler/-/scheduler-0.16.2.tgz",
+      "integrity": "sha512-hppQEBDmlwhFAXKJX2KnWLYu5yMfi91yazPb2l+lbJiwW+wdo1gNeRA+3RgNSO39WYX2euey41KEwnqesU2Jew==",
+      "dev": true
+    },
     "node_modules/@types/set-cookie-parser": {
       "version": "2.4.2",
       "resolved": "https://registry.npmjs.org/@types/set-cookie-parser/-/set-cookie-parser-2.4.2.tgz",
@@ -6244,6 +6296,12 @@
       "resolved": "https://registry.npmjs.org/cssom/-/cssom-0.3.8.tgz",
       "integrity": "sha512-b0tGHbfegbhPJpxpiBPU2sCkigAqtM9O121le6bbOlgyV+NyGyCmVfJ6QW9eRjz8CpNfWEOYBIMIGRYkLwsIYg=="
     },
+    "node_modules/csstype": {
+      "version": "3.0.10",
+      "resolved": "https://registry.npmjs.org/csstype/-/csstype-3.0.10.tgz",
+      "integrity": "sha512-2u44ZG2OcNUO9HDp/Jl8C07x6pU/eTR3ncV91SiK3dhG9TWvRVsCoJw14Ckx5DgWkzGA3waZWO3d7pgqpUI/XA==",
+      "dev": true
+    },
     "node_modules/cyclist": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/cyclist/-/cyclist-1.0.1.tgz",
@@ -24086,6 +24144,12 @@
         "@types/node": "*"
       }
     },
+    "@types/history": {
+      "version": "4.7.11",
+      "resolved": "https://registry.npmjs.org/@types/history/-/history-4.7.11.tgz",
+      "integrity": "sha512-qjDJRrmvBMiTx+jyLxvLfJU7UznFuokDv4f3WRuriHKERccVpFU+8XMQUAbDzoiJCsmexxRExQeMwwCdamSKDA==",
+      "dev": true
+    },
     "@types/html-minifier-terser": {
       "version": "5.1.2",
       "resolved": "https://registry.npmjs.org/@types/html-minifier-terser/-/html-minifier-terser-5.1.2.tgz",
@@ -24181,11 +24245,49 @@
       "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-2.4.4.tgz",
       "integrity": "sha512-ReVR2rLTV1kvtlWFyuot+d1pkpG2Fw/XKE3PDAdj57rbM97ttSp9JZ2UsP+2EHTylra9cUf6JA7tGwW1INzUrA=="
     },
+    "@types/prop-types": {
+      "version": "15.7.4",
+      "resolved": "https://registry.npmjs.org/@types/prop-types/-/prop-types-15.7.4.tgz",
+      "integrity": "sha512-rZ5drC/jWjrArrS8BR6SIr4cWpW09RNTYt9AMZo3Jwwif+iacXAqgVjm0B0Bv/S1jhDXKHqRVNCbACkJ89RAnQ==",
+      "dev": true
+    },
     "@types/q": {
       "version": "1.5.5",
       "resolved": "https://registry.npmjs.org/@types/q/-/q-1.5.5.tgz",
       "integrity": "sha512-L28j2FcJfSZOnL1WBjDYp2vUHCeIFlyYI/53EwD/rKUBQ7MtUUfbQWiyKJGpcnv4/WgrhWsFKrcPstcAt/J0tQ=="
     },
+    "@types/react": {
+      "version": "17.0.39",
+      "resolved": "https://registry.npmjs.org/@types/react/-/react-17.0.39.tgz",
+      "integrity": "sha512-UVavlfAxDd/AgAacMa60Azl7ygyQNRwC/DsHZmKgNvPmRR5p70AJ5Q9EAmL2NWOJmeV+vVUI4IAP7GZrN8h8Ug==",
+      "dev": true,
+      "requires": {
+        "@types/prop-types": "*",
+        "@types/scheduler": "*",
+        "csstype": "^3.0.2"
+      }
+    },
+    "@types/react-router": {
+      "version": "5.1.18",
+      "resolved": "https://registry.npmjs.org/@types/react-router/-/react-router-5.1.18.tgz",
+      "integrity": "sha512-YYknwy0D0iOwKQgz9v8nOzt2J6l4gouBmDnWqUUznltOTaon+r8US8ky8HvN0tXvc38U9m6z/t2RsVsnd1zM0g==",
+      "dev": true,
+      "requires": {
+        "@types/history": "^4.7.11",
+        "@types/react": "*"
+      }
+    },
+    "@types/react-router-dom": {
+      "version": "5.3.3",
+      "resolved": "https://registry.npmjs.org/@types/react-router-dom/-/react-router-dom-5.3.3.tgz",
+      "integrity": "sha512-kpqnYK4wcdm5UaWI3fLcELopqLrHgLqNsdpHauzlQktfkHL3npOSwtj1Uz9oKBAzs7lFtVkV8j83voAz2D8fhw==",
+      "dev": true,
+      "requires": {
+        "@types/history": "^4.7.11",
+        "@types/react": "*",
+        "@types/react-router": "*"
+      }
+    },
     "@types/resolve": {
       "version": "0.0.8",
       "resolved": "https://registry.npmjs.org/@types/resolve/-/resolve-0.0.8.tgz",
@@ -24194,6 +24296,12 @@
         "@types/node": "*"
       }
     },
+    "@types/scheduler": {
+      "version": "0.16.2",
+      "resolved": "https://registry.npmjs.org/@types/scheduler/-/scheduler-0.16.2.tgz",
+      "integrity": "sha512-hppQEBDmlwhFAXKJX2KnWLYu5yMfi91yazPb2l+lbJiwW+wdo1gNeRA+3RgNSO39WYX2euey41KEwnqesU2Jew==",
+      "dev": true
+    },
     "@types/set-cookie-parser": {
       "version": "2.4.2",
       "resolved": "https://registry.npmjs.org/@types/set-cookie-parser/-/set-cookie-parser-2.4.2.tgz",
@@ -26576,6 +26684,12 @@
         }
       }
     },
+    "csstype": {
+      "version": "3.0.10",
+      "resolved": "https://registry.npmjs.org/csstype/-/csstype-3.0.10.tgz",
+      "integrity": "sha512-2u44ZG2OcNUO9HDp/Jl8C07x6pU/eTR3ncV91SiK3dhG9TWvRVsCoJw14Ckx5DgWkzGA3waZWO3d7pgqpUI/XA==",
+      "dev": true
+    },
     "cyclist": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/cyclist/-/cyclist-1.0.1.tgz",
diff --git a/web/package.json b/web/package.json
index 3c48c36e..3a3b6fcf 100644
--- a/web/package.json
+++ b/web/package.json
@@ -55,7 +55,9 @@
   "devDependencies": {
     "@testing-library/jest-dom": "^5.11.9",
     "@testing-library/react": "^11.2.5",
-    "@testing-library/user-event": "^12.7.1",
+    "@testing-library/user-event": "^12.8.3",
+    "@types/react": "^17.0.39",
+    "@types/react-router-dom": "^5.3.3",
     "@typescript-eslint/parser": "^4.15.1",
     "eslint-config-prettier": "^7.2.0",
     "eslint-plugin-prettier": "^3.3.1",
diff --git a/web/src/App.js b/web/src/App.js
index 45b769ab..a4493216 100644
--- a/web/src/App.js
+++ b/web/src/App.js
@@ -1,3 +1,6 @@
+import { useState, useEffect } from "react";
+import { AuthTokenContext } from "./components/auth/tokenContext";
+import { getAuthTokenItem } from "./components/auth/utils";
 import { Navigation } from "./components/nav";
 import { Footer } from "./components/footer";
 import { Container } from "./components/ui";
@@ -5,11 +8,25 @@ import "./App.css";
 
 // All components for the application are organized here.
 export const App = () => {
+  const [authToken, setAuthToken] = useState("");
+  const [tokenLoading, setTokenLoading] = useState(true);
+  /**
+   * Check local storage for auth token on initial application load.
+   */
+  useEffect(() => {
+    setAuthToken(getAuthTokenItem());
+    setTokenLoading(false);
+  }, []);
+
   return (
-    <Container className={"app-container"}>
-      {/* Components that can be mounted via the Router are nested in Navigation */}
-      <Navigation />
-      <Footer />
-    </Container>
+    <AuthTokenContext.Provider
+      value={{ authToken, tokenLoading, setAuthToken }}
+    >
+      <Container className={"app-container"}>
+        {/* Components that can be mounted via the Router are nested in Navigation */}
+        <Navigation />
+        <Footer />
+      </Container>
+    </AuthTokenContext.Provider>
   );
 };
diff --git a/web/src/App.test.js b/web/src/App.test.js
index 02c16301..4f00a62a 100644
--- a/web/src/App.test.js
+++ b/web/src/App.test.js
@@ -11,6 +11,43 @@ import { App } from "./App";
 jest.mock("./components/map/box", () => () => <></>);
 
 describe("Application should includes parts of each major section", () => {
+  beforeEach(() => {
+    const fakeLocalStorage = (function () {
+      let store = {};
+
+      return {
+        getItem: function (key) {
+          return store[key] || null;
+        },
+        setItem: function (key, value) {
+          store[key] = value.toString();
+        },
+        removeItem: function (key) {
+          delete store[key];
+        },
+        clear: function () {
+          store = {};
+        },
+      };
+    })();
+
+    Object.defineProperty(window, "localStorage", {
+      value: fakeLocalStorage,
+    });
+  });
+
+  afterEach(() => {
+    localStorage.clear();
+  });
+
+  it("should not show a login screen", () => {
+    localStorage.setItem("authToken", "fakeToken");
+    render(<App />);
+    expect(
+      screen.queryByText(/Sign in to upload data/)
+    ).not.toBeInTheDocument();
+  });
+
   it("should have part of the header", () => {
     render(<App />);
     expect(screen.getByText(/Upload/).href).toMatch("/upload");
@@ -25,4 +62,9 @@ describe("Application should includes parts of each major section", () => {
     render(<App />);
     expect(screen.getByText(/WOEIP/).href).toEqual("https://woeip.org/");
   });
+
+  it("should show a login screen", () => {
+    render(<App />);
+    expect(screen.getByText(/Sign in to upload data/)).toBeInTheDocument();
+  });
 });
diff --git a/web/src/api.util.js b/web/src/api.util.js
index fcf48cdd..fc34f09a 100644
--- a/web/src/api.util.js
+++ b/web/src/api.util.js
@@ -30,6 +30,24 @@ export const apiUrlCollectionById = (collectionId) =>
  */
 export const apiUrlDevices = () => apiUrl("devices");
 
+/**
+ * Constructs the api endpoint to login
+ * @returns {string}
+ */
+export const apiUrlAuthLogin = () => apiUrl("auth/login/");
+
+/**
+ * Constructs the api endpoint to logout
+ * @returns {string}
+ */
+export const apiUrlAuthLogout = () => apiUrl("auth/logout/");
+
+/**
+ * Constructs the api endpoint to register a user
+ * @returns {string}
+ */
+export const apiUrlAuthRegister = () => apiUrl("auth/register/");
+
 /**
  * Removes the protocol from a url so that it is an empty protocol.
  * This prevents mixed content errors (https://developer.mozilla.org/en-US/docs/Web/Security/Mixed_content),
@@ -38,3 +56,10 @@ export const apiUrlDevices = () => apiUrl("devices");
  * @returns {string} the link in the form "//domain.io"
  */
 export const emptyProtocol = (link) => link.replace(/^(https?|ftp):/, "");
+
+/**
+ * Passing the auth token to the server in the header requires preceding it with "Token"
+ * @param {string} authToken
+ * @returns {string} token formatted for use in headers
+ */
+export const authTokenHeaderFormat = (authToken) => `Token ${authToken}`;
diff --git a/web/src/api.util.test.js b/web/src/api.util.test.js
index 68c286dc..ac66c24e 100644
--- a/web/src/api.util.test.js
+++ b/web/src/api.util.test.js
@@ -3,6 +3,7 @@ import {
   apiUrlCollections,
   apiUrlCollectionById,
   apiUrlDevices,
+  authTokenHeaderFormat,
   emptyProtocol,
 } from "./api.util";
 
@@ -39,3 +40,8 @@ describe("empty protocol", () => {
       emptyProtocolLink
     ));
 });
+
+describe("authTokenHeaderFormat", () => {
+  it('should pair the token itself with the work "Token"', () =>
+    expect(authTokenHeaderFormat("tokenItself")).toBe("Token tokenItself"));
+});
diff --git a/web/src/components/auth/boundary.js b/web/src/components/auth/boundary.js
new file mode 100644
index 00000000..e86b3aa2
--- /dev/null
+++ b/web/src/components/auth/boundary.js
@@ -0,0 +1,27 @@
+import { useContext } from "react";
+import { Redirect, Route } from "react-router-dom";
+import { Container } from "../ui";
+import { AuthTokenContext } from "./tokenContext";
+
+export const AuthBoundary = ({ children, ...props }) => {
+  const { authToken, tokenLoading } = useContext(AuthTokenContext);
+  return tokenLoading ? (
+    <Container></Container>
+  ) : (
+    <Route
+      {...props}
+      render={({ location }) =>
+        authToken ? (
+          children
+        ) : (
+          <Redirect
+            to={{
+              pathname: "/auth/login",
+              state: { from: location },
+            }}
+          />
+        )
+      }
+    />
+  );
+};
diff --git a/web/src/components/auth/boundary.test.js b/web/src/components/auth/boundary.test.js
new file mode 100644
index 00000000..e170fd1d
--- /dev/null
+++ b/web/src/components/auth/boundary.test.js
@@ -0,0 +1,50 @@
+import { render, screen } from "@testing-library/react";
+import { Router } from "react-router-dom";
+import { createMemoryHistory } from "history";
+import { AuthBoundary } from "./boundary";
+import { AuthTokenContext } from "./tokenContext";
+
+describe("boundary", () => {
+  let history;
+  let renderAuthBoundaryWithHistory;
+  beforeEach(() => {
+    history = createMemoryHistory();
+    renderAuthBoundaryWithHistory = renderAuthBoundary(history);
+  });
+
+  afterEach(() => {
+    history = null;
+    renderAuthBoundaryWithHistory = null;
+  });
+
+  it("should show a placeholder while loading", () => {
+    const { container } = renderAuthBoundaryWithHistory();
+    expect(container.querySelector(".container")).toBeInTheDocument();
+  });
+
+  // FIXME: Redirect is causing overflow of renders
+  it.skip("should redirect to login for anon user", () => {
+    renderAuthBoundaryWithHistory({ tokenLoading: false });
+    screen.debug();
+  });
+
+  it("should show child for authed user", () => {
+    const { container } = renderAuthBoundaryWithHistory({
+      authToken: "fakeToken",
+      tokenLoading: false,
+      children: <div className="child"></div>,
+    });
+    expect(container.querySelector(".child")).toBeInTheDocument();
+  });
+});
+
+const renderAuthBoundary =
+  (history) =>
+  ({ authToken = "", tokenLoading = true, children = <></> } = {}) =>
+    render(
+      <AuthTokenContext.Provider value={{ authToken, tokenLoading }}>
+        <Router history={history}>
+          <AuthBoundary>{children}</AuthBoundary>
+        </Router>
+      </AuthTokenContext.Provider>
+    );
diff --git a/web/src/components/auth/login.css b/web/src/components/auth/login.css
new file mode 100644
index 00000000..8163f96e
--- /dev/null
+++ b/web/src/components/auth/login.css
@@ -0,0 +1,7 @@
+.login-container {
+    margin-top: 2rem;
+}
+
+.login-instructions {
+    margin-bottom: 1rem;
+}
\ No newline at end of file
diff --git a/web/src/components/auth/login.js b/web/src/components/auth/login.js
new file mode 100644
index 00000000..0b3ca645
--- /dev/null
+++ b/web/src/components/auth/login.js
@@ -0,0 +1,65 @@
+import { useContext, useState } from "react";
+import { AuthTokenContext } from "./tokenContext";
+import { login, setAuthTokenItem } from "./utils";
+import { Link, useHistory } from "react-router-dom";
+import { Container, Form, AffirmActionButton } from "../ui";
+import Welcome from "../home/welcome";
+import "./login.css";
+
+export const Login = () => {
+  const { setAuthToken } = useContext(AuthTokenContext);
+  const [isLoading, setIsLoading] = useState(false);
+  const [email, setEmail] = useState("");
+  const [password, setPassword] = useState("");
+  const history = useHistory();
+
+  const handleSubmit = async (e) => {
+    e.preventDefault();
+    setIsLoading(true);
+    const { token } = await login(email, password);
+    setIsLoading(false);
+    if (token) {
+      setAuthToken(token);
+      setAuthTokenItem(token);
+      history.push("/upload");
+    } else {
+      alert("Unable to login. Please check your credentials and try again.");
+    }
+  };
+
+  const changeEmail = (e) => setEmail(e.target.value);
+  const changePassword = (e) => setPassword(e.target.value);
+
+  return (
+    <Container>
+      <Welcome />
+      <Container className="login-container">
+        <Container className="login-instructions">
+          <h2>Sign in to upload data</h2>
+          Or <Link to={"/auth/register"}>Create an Account</Link>
+        </Container>
+        <Form loading={isLoading} onSubmit={handleSubmit}>
+          <Form.Input
+            id="loginEmail"
+            htmlFor="loginEmail"
+            type="email"
+            label="Email"
+            width={6}
+            value={email}
+            onChange={changeEmail}
+          />
+          <Form.Input
+            id="loginEmail"
+            htmlFor="loginEmail"
+            type="password"
+            label="Password"
+            width={6}
+            value={password}
+            onChange={changePassword}
+          />
+          <AffirmActionButton type="submit">Sign In</AffirmActionButton>
+        </Form>
+      </Container>
+    </Container>
+  );
+};
diff --git a/web/src/components/auth/login.test.js b/web/src/components/auth/login.test.js
new file mode 100644
index 00000000..944aac6e
--- /dev/null
+++ b/web/src/components/auth/login.test.js
@@ -0,0 +1,135 @@
+import { fireEvent, render, screen, waitFor } from "@testing-library/react";
+import { Router } from "react-router-dom";
+import { createMemoryHistory } from "history";
+import { Login } from "./login";
+import { server, rest } from "../../serverHandlers";
+import { apiUrlAuthLogin } from "../../api.util";
+import { AuthTokenContext } from "./tokenContext";
+
+describe("login", () => {
+  let history;
+
+  beforeEach(() => {
+    history = createMemoryHistory();
+
+    const fakeLocalStorage = (function () {
+      let store = {};
+
+      return {
+        getItem: function (key) {
+          return store[key] || null;
+        },
+        setItem: function (key, value) {
+          store[key] = value.toString();
+        },
+        removeItem: function (key) {
+          delete store[key];
+        },
+        clear: function () {
+          store = {};
+        },
+      };
+    })();
+
+    Object.defineProperty(window, "localStorage", {
+      value: fakeLocalStorage,
+    });
+  });
+
+  afterEach(() => {
+    history = null;
+
+    localStorage.clear();
+    jest.restoreAllMocks();
+  });
+
+  it("should have the correct fields", () => {
+    render(
+      <AuthTokenContext.Provider value={{ setAuthToken: jest.fn() }}>
+        <Router history={history}>
+          <Login />
+        </Router>
+      </AuthTokenContext.Provider>
+    );
+    expect(screen.getByText("Email")).toBeInTheDocument();
+    expect(screen.getByText("Password")).toBeInTheDocument();
+  });
+
+  it("should show the loading screen when signing in", async () => {
+    server.use(
+      rest.post(apiUrlAuthLogin(), (_req, res, ctx) => {
+        return res(ctx.status(200), ctx.json({ key: "fakeToken" }));
+      })
+    );
+
+    const { container } = render(
+      <AuthTokenContext.Provider value={{ setAuthToken: jest.fn() }}>
+        <Router history={history}>
+          <Login />
+        </Router>
+      </AuthTokenContext.Provider>
+    );
+
+    expect(container.querySelector(".loading")).not.toBeInTheDocument();
+
+    fireEvent.click(screen.getByText("Sign In"));
+    await waitFor(() => {
+      expect(container.querySelector(".loading")).toBeInTheDocument();
+    });
+
+    await waitFor(() => {
+      expect(container.querySelector(".loading")).not.toBeInTheDocument();
+    });
+  });
+
+  it("should set token and direct to upload after success", async () => {
+    const setItemSpy = jest.spyOn(localStorage, "setItem");
+    const setAuthToken = jest.fn();
+
+    server.use(
+      rest.post(apiUrlAuthLogin(), (_req, res, ctx) => {
+        return res(ctx.status(200), ctx.json({ key: "fakeToken" }));
+      })
+    );
+
+    render(
+      <AuthTokenContext.Provider value={{ setAuthToken }}>
+        <Router history={history}>
+          <Login />
+        </Router>
+      </AuthTokenContext.Provider>
+    );
+
+    fireEvent.click(screen.getByText("Sign In"));
+    await waitFor(() => {
+      expect(setItemSpy).toHaveBeenCalledWith("authToken", "fakeToken");
+      expect(setAuthToken).toHaveBeenCalledWith("fakeToken");
+      expect(history.location.pathname).toBe("/upload");
+    });
+  });
+
+  it("should show an alert after failure", async () => {
+    const alertSpy = jest.spyOn(window, "alert").mockImplementation(() => {});
+    const setAuthToken = jest.fn();
+    server.use(
+      rest.post(apiUrlAuthLogin(), (_req, res, ctx) => {
+        return res(ctx.status(500));
+      })
+    );
+
+    render(
+      <AuthTokenContext.Provider value={{ setAuthToken }}>
+        <Router history={history}>
+          <Login />
+        </Router>
+      </AuthTokenContext.Provider>
+    );
+
+    fireEvent.click(screen.getByText("Sign In"));
+
+    await waitFor(() => {
+      expect(alertSpy).toHaveBeenCalled();
+      expect(setAuthToken).not.toHaveBeenCalled();
+    });
+  });
+});
diff --git a/web/src/components/auth/logout.js b/web/src/components/auth/logout.js
new file mode 100644
index 00000000..bfefbf9a
--- /dev/null
+++ b/web/src/components/auth/logout.js
@@ -0,0 +1,34 @@
+import { useContext, useEffect, useState } from "react";
+import { useHistory } from "react-router-dom";
+import { AuthTokenContext } from "./tokenContext";
+import { clearAuthTokenItem, logout } from "./utils";
+import { Container, Dimmer, Loader } from "../ui";
+
+export const Logout = () => {
+  const { authToken, setAuthToken } = useContext(AuthTokenContext);
+  const [pending, setPending] = useState(true);
+  const history = useHistory();
+
+  useEffect(() => {
+    (async () => {
+      const { succeeded } = await logout(authToken);
+      setPending(false);
+      if (succeeded) {
+        clearAuthTokenItem();
+        setAuthToken("");
+        history.push("/auth/login");
+      } else {
+        alert("Unable to sign out. Please reload page to try again.");
+      }
+    })();
+    // Run once on mount
+  }, []); // eslint-disable-line react-hooks/exhaustive-deps
+
+  return (
+    <Container textAlign="center">
+      <Dimmer active={pending}>
+        <Loader indeterminate>Signing out...</Loader>
+      </Dimmer>
+    </Container>
+  );
+};
diff --git a/web/src/components/auth/logout.test.js b/web/src/components/auth/logout.test.js
new file mode 100644
index 00000000..c4c484a2
--- /dev/null
+++ b/web/src/components/auth/logout.test.js
@@ -0,0 +1,102 @@
+import { waitFor, render, screen } from "@testing-library/react";
+import { createMemoryHistory } from "history";
+import { Router } from "react-router-dom";
+import { apiUrlAuthLogout } from "../../api.util";
+import { server, rest } from "../../serverHandlers";
+import { Logout } from "./logout";
+
+describe("logout", () => {
+  let history;
+
+  beforeEach(() => {
+    history = createMemoryHistory();
+
+    const fakeLocalStorage = (function () {
+      let store = {};
+
+      return {
+        getItem: function (key) {
+          return store[key] || null;
+        },
+        setItem: function (key, value) {
+          store[key] = value.toString();
+        },
+        removeItem: function (key) {
+          delete store[key];
+        },
+        clear: function () {
+          store = {};
+        },
+      };
+    })();
+
+    Object.defineProperty(window, "localStorage", {
+      value: fakeLocalStorage,
+    });
+  });
+
+  afterEach(() => {
+    history = null;
+
+    localStorage.clear();
+    jest.restoreAllMocks();
+  });
+
+  it("should show loader while logging out", async () => {
+    server.use(
+      rest.post(apiUrlAuthLogout(), (_req, res, ctx) => {
+        return res(ctx.status(200));
+      })
+    );
+
+    await waitFor(() =>
+      render(
+        <Router history={history}>
+          <Logout />
+        </Router>
+      )
+    );
+    await waitFor(() =>
+      expect(screen.getByText(/Signing out/i)).toBeInTheDocument()
+    );
+  });
+
+  it("should show login screen when successfully logged out", async () => {
+    const removeItemSpy = jest.spyOn(localStorage, "removeItem");
+    server.use(
+      rest.post(apiUrlAuthLogout(), (_req, res, ctx) => {
+        return res(ctx.status(200));
+      })
+    );
+
+    await waitFor(() =>
+      render(
+        <Router history={history}>
+          <Logout />
+        </Router>
+      )
+    );
+    await waitFor(() => {
+      expect(removeItemSpy).toHaveBeenCalled();
+      expect(history.location.pathname).toBe("/auth/login");
+    });
+  });
+
+  it("should alert when failed to log out", async () => {
+    const alertSpy = jest.spyOn(window, "alert").mockImplementation(() => {});
+
+    server.use(
+      rest.post(apiUrlAuthLogout(), (_req, res, ctx) => {
+        return res(ctx.status(500));
+      })
+    );
+
+    render(
+      <Router history={history}>
+        <Logout />
+      </Router>
+    );
+    await waitFor(() => expect(alertSpy).toHaveBeenCalled());
+    expect(screen.getByText(/Signing Out/i)).toBeInTheDocument();
+  });
+});
diff --git a/web/src/components/auth/register.css b/web/src/components/auth/register.css
new file mode 100644
index 00000000..89489afa
--- /dev/null
+++ b/web/src/components/auth/register.css
@@ -0,0 +1,7 @@
+.register-container {
+    margin-top: 2rem;
+}
+
+.register-instructions {
+    margin-bottom: 1rem;
+}
\ No newline at end of file
diff --git a/web/src/components/auth/register.js b/web/src/components/auth/register.js
new file mode 100644
index 00000000..fcb03b9a
--- /dev/null
+++ b/web/src/components/auth/register.js
@@ -0,0 +1,87 @@
+import { useState, useContext, useEffect } from "react";
+import { AuthTokenContext } from "./tokenContext";
+import { register, setAuthTokenItem } from "./utils";
+import { Link, useHistory } from "react-router-dom";
+import { AffirmActionButton, Container, Form } from "../ui";
+import Welcome from "../home/welcome";
+import "./register.css";
+
+const passwordMismatchError = {
+  content: "passwords do not match",
+  pointing: "above",
+};
+
+export const Register = () => {
+  const history = useHistory();
+  const { setAuthToken } = useContext(AuthTokenContext);
+  const [isRegistering, setIsRegistering] = useState(false);
+  const [email, setEmail] = useState("");
+  const [password, setPassword] = useState("");
+  const [confirmPassword, setConfirmPassword] = useState("");
+  const [passwordsMismatched, setPasswordsMismatched] = useState(false);
+
+  const changeEmail = (e) => setEmail(e.target.value);
+  const changePassword = (e) => setPassword(e.target.value);
+  const changeConfirmPassword = (e) => setConfirmPassword(e.target.value);
+
+  useEffect(() => {
+    setPasswordsMismatched(confirmPassword && password !== confirmPassword);
+  }, [password, confirmPassword]);
+
+  const handleSubmit = async (e) => {
+    e.preventDefault();
+    setIsRegistering(true);
+    const { token } = await register(email, password, confirmPassword);
+    setIsRegistering(false);
+    if (token) {
+      setAuthToken(token);
+      setAuthTokenItem(token);
+      history.push("/about");
+    } else {
+      alert("Unable to register. Please check your credentials and try again.");
+    }
+  };
+
+  return (
+    <Container>
+      <Welcome />
+      <Container className="register-container">
+        <Container className="register-instructions">
+          <h2>Create an Account</h2>
+          Or <Link to={"/auth/login"}>Sign in with existing account</Link>
+        </Container>
+        <Form loading={isRegistering} onSubmit={handleSubmit}>
+          <Form.Input
+            id="registerEmail"
+            htmlFor="registerEmail"
+            type="email"
+            label="Email"
+            width={6}
+            value={email}
+            onChange={changeEmail}
+          />
+          <Form.Input
+            id="registerPassword"
+            htmlFor="registerPassword"
+            type="password"
+            label="Password"
+            width={6}
+            value={password}
+            onChange={changePassword}
+          />
+          <Form.Input
+            id="registerConfirmPassword"
+            htmlFor="registerConfirmPassword"
+            type="password"
+            label="Confirm Password"
+            width={6}
+            value={confirmPassword}
+            onChange={changeConfirmPassword}
+            error={passwordsMismatched ? passwordMismatchError : null}
+          />
+          <AffirmActionButton type="submit">Create Account</AffirmActionButton>
+        </Form>
+      </Container>
+    </Container>
+  );
+};
diff --git a/web/src/components/auth/register.test.js b/web/src/components/auth/register.test.js
new file mode 100644
index 00000000..932b50c1
--- /dev/null
+++ b/web/src/components/auth/register.test.js
@@ -0,0 +1,159 @@
+import { fireEvent, render, screen, waitFor } from "@testing-library/react";
+import userEvent from "@testing-library/user-event";
+import { Router } from "react-router-dom";
+import { createMemoryHistory } from "history";
+import { Register } from "./register";
+import { AuthTokenContext } from "./tokenContext";
+import { server, rest } from "../../serverHandlers";
+import { apiUrlAuthRegister } from "../../api.util";
+
+describe("register", () => {
+  let history;
+
+  beforeEach(() => {
+    history = createMemoryHistory();
+
+    const fakeLocalStorage = (function () {
+      let store = {};
+
+      return {
+        getItem: function (key) {
+          return store[key] || null;
+        },
+        setItem: function (key, value) {
+          store[key] = value.toString();
+        },
+        removeItem: function (key) {
+          delete store[key];
+        },
+        clear: function () {
+          store = {};
+        },
+      };
+    })();
+
+    Object.defineProperty(window, "localStorage", {
+      value: fakeLocalStorage,
+    });
+  });
+
+  afterEach(() => {
+    history = null;
+
+    localStorage.clear();
+    jest.restoreAllMocks();
+  });
+
+  it("should have needed fields", () => {
+    render(
+      <AuthTokenContext.Provider value={{ setAuthToken: jest.fn() }}>
+        <Router history={history}>
+          <Register />
+        </Router>
+      </AuthTokenContext.Provider>
+    );
+
+    expect(screen.getByText("Email")).toBeInTheDocument();
+    expect(screen.getByText("Password")).toBeInTheDocument();
+    expect(screen.getByText("Confirm Password")).toBeInTheDocument();
+  });
+
+  it("should show message on password mismatch", () => {
+    render(
+      <AuthTokenContext.Provider value={{ setAuthToken: jest.fn() }}>
+        <Router history={history}>
+          <Register />
+        </Router>
+      </AuthTokenContext.Provider>
+    );
+
+    const password = screen.getByLabelText("Password");
+    const confirmPassword = screen.getByLabelText("Confirm Password");
+    userEvent.type(password, "abc");
+    expect(
+      screen.queryByText("passwords do not match")
+    ).not.toBeInTheDocument();
+    userEvent.type(confirmPassword, "a");
+    expect(screen.getByText("passwords do not match")).toBeInTheDocument();
+  });
+
+  it("should should show loading styling when creating account", async () => {
+    server.use(
+      rest.post(apiUrlAuthRegister(), (_req, res, ctx) => {
+        return res(ctx.status(200), ctx.json({ key: "fakeToken" }));
+      })
+    );
+
+    const { container } = render(
+      <AuthTokenContext.Provider value={{ setAuthToken: jest.fn() }}>
+        <Router history={history}>
+          <Register />
+        </Router>
+      </AuthTokenContext.Provider>
+    );
+
+    expect(container.querySelector(".loading")).not.toBeInTheDocument();
+
+    fireEvent.click(screen.getByText("Create Account"));
+
+    await waitFor(() => {
+      expect(container.querySelector(".loading")).toBeInTheDocument();
+    });
+
+    await waitFor(() => {
+      expect(container.querySelector(".loading")).not.toBeInTheDocument();
+    });
+  });
+
+  it("should set token and direct to about page, on registration success", async () => {
+    const setItemSpy = jest.spyOn(localStorage, "setItem");
+    const setAuthToken = jest.fn();
+
+    server.use(
+      rest.post(apiUrlAuthRegister(), (_req, res, ctx) => {
+        return res(ctx.status(200), ctx.json({ key: "fakeToken" }));
+      })
+    );
+
+    render(
+      <AuthTokenContext.Provider value={{ setAuthToken }}>
+        <Router history={history}>
+          <Register />
+        </Router>
+      </AuthTokenContext.Provider>
+    );
+
+    fireEvent.click(screen.getByText("Create Account"));
+    await waitFor(() => {
+      expect(setItemSpy).toHaveBeenCalledWith("authToken", "fakeToken");
+      expect(setAuthToken).toHaveBeenCalledWith("fakeToken");
+      expect(history.location.pathname).toBe("/about");
+    });
+  });
+
+  it("should show an alert on registration failure", async () => {
+    const alertSpy = jest.spyOn(window, "alert").mockImplementation(() => {});
+    const setAuthToken = jest.fn();
+
+    server.use(
+      rest.post(apiUrlAuthRegister(), (_req, res, ctx) => {
+        return res(ctx.status(400));
+      })
+    );
+
+    render(
+      <AuthTokenContext.Provider value={{ setAuthToken }}>
+        <Router history={history}>
+          <Register />
+        </Router>
+      </AuthTokenContext.Provider>
+    );
+
+    fireEvent.click(screen.getByText("Create Account"));
+
+    await waitFor(() => {
+      expect(alertSpy).toHaveBeenCalled();
+      expect(setAuthToken).not.toHaveBeenCalled();
+    });
+  });
+});
diff --git a/web/src/components/auth/tokenContext.js b/web/src/components/auth/tokenContext.js
new file mode 100644
index 00000000..b1c5f947
--- /dev/null
+++ b/web/src/components/auth/tokenContext.js
@@ -0,0 +1,7 @@
+import { createContext } from "react";
+
+export const AuthTokenContext = createContext({
+  authToken: "",
+  tokenLoading: false,
+  setAuthToken: () => {},
+});
diff --git a/web/src/components/auth/utils.js b/web/src/components/auth/utils.js
new file mode 100644
index 00000000..d515021d
--- /dev/null
+++ b/web/src/components/auth/utils.js
@@ -0,0 +1,89 @@
+import axios from "axios";
+import {
+  apiUrlAuthLogin,
+  apiUrlAuthLogout,
+  apiUrlAuthRegister,
+  authTokenHeaderFormat,
+} from "../../api.util";
+
+/**
+ * Request to start user session and receive auth token
+ * @param {string} email
+ * @param {string} password
+ * @modifies {API}
+ * @returns {{token: string}} auth token
+ */
+export const login = async (email, password) => {
+  let token = "";
+  const data = {
+    email,
+    password,
+  };
+  try {
+    const response = await axios.post(apiUrlAuthLogin(), data);
+    token = response.data.key ?? "";
+  } finally {
+    return { token };
+  }
+};
+
+/**
+ * Request to end user session
+ * @param {string} authToken
+ * @modifies {API}
+ * @returns {{succeeded: boolean}}
+ */
+export const logout = async (authToken) => {
+  const options = {
+    headers: { Authorization: authTokenHeaderFormat(authToken) },
+  };
+  try {
+    await axios.post(apiUrlAuthLogout(), options);
+    return { succeeded: true };
+  } catch {
+    return { succeeded: false };
+  }
+};
+
+/**
+ * Request to create user, start user session, and receive auth token
+ * @param {string} email
+ * @param {string} password1
+ * @param {string} password2
+ * @modifies {API}
+ * @returns {{token: string}} auth token
+ */
+export const register = async (email, password1, password2) => {
+  let token = "";
+  const data = {
+    email,
+    password1,
+    password2,
+  };
+  try {
+    const response = await axios.post(apiUrlAuthRegister(), data);
+    token = response.data.key ?? "";
+  } finally {
+    return { token };
+  }
+};
+
+/**
+ * Removes auth token from local storage
+ * @modifies {LocalStorage}
+ */
+export const clearAuthTokenItem = () => localStorage.removeItem("authToken");
+
+/**
+ * Retrieve auth token from local storage
+ * @returns {string} auth token
+ */
+export const getAuthTokenItem = () => localStorage.getItem("authToken") ?? "";
+
+/**
+ * Place auth token into local storage
+ * @param {string} authToken
+ * @modifies {LocalStorage}
+ */
+export const setAuthTokenItem = (authToken) =>
+  localStorage.setItem("authToken", authToken);
diff --git a/web/src/components/auth/utils.test.js b/web/src/components/auth/utils.test.js
new file mode 100644
index 00000000..9a7bfa9f
--- /dev/null
+++ b/web/src/components/auth/utils.test.js
@@ -0,0 +1,132 @@
+import { server, rest } from "../../serverHandlers";
+import {
+  clearAuthTokenItem,
+  getAuthTokenItem,
+  login,
+  logout,
+  register,
+  setAuthTokenItem,
+} from "./utils";
+import {
+  apiUrlAuthLogin,
+  apiUrlAuthLogout,
+  apiUrlAuthRegister,
+} from "../../api.util";
+
+describe("login", () => {
+  it("should return a token on success", async () => {
+    server.use(
+      rest.post(apiUrlAuthLogin(), (_req, res, ctx) => {
+        return res(ctx.status(200), ctx.json({ key: "fakeToken" }));
+      })
+    );
+    const { token } = await login("user@place.com", "password");
+    expect(token).toBe("fakeToken");
+  });
+
+  it("should return an empty string on failure", async () => {
+    server.use(
+      rest.post(apiUrlAuthLogin(), (_req, res, ctx) => {
+        return res(ctx.status(400));
+      })
+    );
+    const { token } = await login("user@place.com", "password");
+    expect(token).toBe("");
+  });
+});
+
+describe("logout", () => {
+  it("should return true on success", async () => {
+    server.use(
+      rest.post(apiUrlAuthLogout(), (_req, res, ctx) => {
+        return res(ctx.status(200));
+      })
+    );
+    const { succeeded } = await logout("fakeToken");
+    expect(succeeded).toBe(true);
+  });
+
+  it("should return false on failure", async () => {
+    server.use(
+      rest.post(apiUrlAuthLogout(), (_req, res, ctx) => {
+        return res(ctx.status(400));
+      })
+    );
+    const { succeeded } = await logout("fakeToken");
+    expect(succeeded).toBe(false);
+  });
+});
+
+describe("register", () => {
+  it("should return token on success", async () => {
+    server.use(
+      rest.post(apiUrlAuthRegister(), (_req, res, ctx) => {
+        return res(ctx.status(200), ctx.json({ key: "fakeToken" }));
+      })
+    );
+
+    const { token } = await register("user@place.com", "password", "password");
+    expect(token).toBe("fakeToken");
+  });
+
+  it("should return empty string on failure", async () => {
+    server.use(
+      rest.post(apiUrlAuthRegister(), (_req, res, ctx) => {
+        return res(ctx.status(500));
+      })
+    );
+    const { token } = await register();
+    expect(token).toBe("");
+  });
+});
+
+describe("token local storage manipulation", () => {
+  beforeEach(() => {
+    const fakeLocalStorage = (function () {
+      let store = {};
+
+      return {
+        getItem: function (key) {
+          return store[key] || null;
+        },
+        setItem: function (key, value) {
+          store[key] = value.toString();
+        },
+        removeItem: function (key) {
+          delete store[key];
+        },
+        clear: function () {
+          store = {};
+        },
+      };
+    })();
+
+    Object.defineProperty(window, "localStorage", {
+      value: fakeLocalStorage,
+    });
+  });
+
+  afterEach(() => {
+    localStorage.clear();
+    jest.restoreAllMocks();
+  });
+
+  it("should remove auth token from local storage", () => {
+    const removeItemSpy = jest.spyOn(localStorage, "removeItem");
+    clearAuthTokenItem();
+    expect(removeItemSpy).toHaveBeenCalledWith("authToken");
+  });
+
+  it("should retrieve an auth token from local storage", () => {
+    const getItemSpy = jest.spyOn(localStorage, "getItem");
+    const authTokenItem = getAuthTokenItem();
+    expect(authTokenItem).toBe("");
+    expect(getItemSpy).toHaveBeenCalledWith("authToken");
+  });
+
+  it("should set the auth token in local storage", () => {
+    const setItemSpy = jest.spyOn(localStorage, "setItem");
+    setAuthTokenItem("fakeToken");
+    expect(setItemSpy).toHaveBeenCalledWith("authToken", "fakeToken");
+  });
+});
diff --git a/web/src/components/home/index.js b/web/src/components/home/index.js
index 986632c7..11ced939 100644
--- a/web/src/components/home/index.js
+++ b/web/src/components/home/index.js
@@ -1,9 +1,10 @@
-import { Container } from "../ui";
+import { AuthBoundary } from "../auth/boundary";
+import Welcome from "./welcome";
 
 export const Home = () => {
   return (
-    <Container textAlign="center">
-      <h2>Welcome to West Oakland Air Quality!</h2>
-    </Container>
+    <AuthBoundary>
+      <Welcome />
+    </AuthBoundary>
   );
 };
diff --git a/web/src/components/home/index.test.js b/web/src/components/home/index.test.js
index 4e0e9510..219e8ccb 100644
--- a/web/src/components/home/index.test.js
+++ b/web/src/components/home/index.test.js
@@ -1,9 +1,27 @@
 import { render, screen } from "@testing-library/react";
+import { Router } from "react-router-dom";
+import { createMemoryHistory } from "history";
+import { AuthTokenContext } from "../auth/tokenContext";
 import { Home } from "./";
 
 describe("Home", () => {
+  let history;
+  beforeEach(() => {
+    history = createMemoryHistory();
+  });
+
+  afterEach(() => {
+    history = null;
+  });
+
   it("should show welcome message", () => {
-    render(<Home />);
+    render(
+      <AuthTokenContext.Provider value={{ authToken: "fakeToken" }}>
+        <Router history={history}>
+          <Home />
+        </Router>
+      </AuthTokenContext.Provider>
+    );
     expect(screen.getByText(/Welcome/)).toBeInTheDocument();
   });
 });
diff --git a/web/src/components/home/welcome.css b/web/src/components/home/welcome.css
new file mode 100644
index 00000000..786d818f
--- /dev/null
+++ b/web/src/components/home/welcome.css
@@ -0,0 +1,3 @@
+.welcome-intro {
+    max-width: 30rem;
+}
diff --git a/web/src/components/home/welcome.js b/web/src/components/home/welcome.js
new file mode 100644
index 00000000..c78613a9
--- /dev/null
+++ b/web/src/components/home/welcome.js
@@ -0,0 +1,15 @@
+import { Container } from "../ui";
+import "./welcome.css";
+
+export default function Welcome() {
+  return (
+    <Container>
+      <h1>Welcome to WOAQ!</h1>
+      <p className="welcome-intro">
+        West Oakland Air Quality supports the West Oakland Environmental
+        Indicators Project by putting local air quality in the hands of West
+        Oaklanders.
+      </p>
+    </Container>
+  );
+}
diff --git a/web/src/components/map/box.js b/web/src/components/map/box.js
index 45b6c626..bca86ffc 100644
--- a/web/src/components/map/box.js
+++ b/web/src/components/map/box.js
@@ -9,7 +9,8 @@ import "mapbox-gl/dist/mapbox-gl.css";
 // Hack: https://github.com/mapbox/mapbox-gl-js/issues/10173#issuecomment-753662795
 import mapboxgl from "mapbox-gl";
 /* eslint-disable import/no-webpack-loader-syntax */
-mapboxgl.workerClass = require("worker-loader!mapbox-gl/dist/mapbox-gl-csp-worker").default;
+mapboxgl.workerClass =
+  require("worker-loader!mapbox-gl/dist/mapbox-gl-csp-worker").default;
 /* eslint-enable import/no-webpack-loader-syntax */
 
 export const PM25_CATEGORY_COLORS = {
diff --git a/web/src/components/nav/bar.js b/web/src/components/nav/bar.js
index 34cb9216..eb6d04eb 100644
--- a/web/src/components/nav/bar.js
+++ b/web/src/components/nav/bar.js
@@ -1,7 +1,17 @@
+import { useContext, useEffect, useState } from "react";
 import { Link, NavLink, withRouter } from "react-router-dom";
+import { AuthTokenContext } from "../auth/tokenContext";
 import { Container, Menu } from "../ui";
 
 const Navbar = () => {
+  const { authToken, isTokenLoading } = useContext(AuthTokenContext);
+  const [links, setLinks] = useState([]);
+  // Wait to return navigation links until token finishes loading
+  useEffect(
+    () => setLinks(isTokenLoading ? [] : activeHeaderLinks(authToken)),
+    [isTokenLoading, authToken]
+  );
+
   return (
     <Container>
       <Menu pointing secondary style={{ borderBottom: "none" }}>
@@ -31,8 +41,15 @@ export const NavbarWithRouter = withRouter(Navbar);
 /**
  * Data for Navigation Routes
  */
-const links = [
+const allHeaderLinks = [
   { text: "About", route: "about" },
   { text: "Upload", route: "upload" },
   { text: "Maps", route: "maps" },
+  { text: "Sign In", route: "auth/login" },
+  { text: "Log Out", route: "auth/logout" },
 ];
+
+const activeHeaderLinks = (authToken) => {
+  const filteredLink = authToken ? "Sign In" : "Log Out";
+  return allHeaderLinks.filter((link) => link.text !== filteredLink);
+};
diff --git a/web/src/components/nav/bar.test.js b/web/src/components/nav/bar.test.js
index 535a169b..93866265 100644
--- a/web/src/components/nav/bar.test.js
+++ b/web/src/components/nav/bar.test.js
@@ -2,6 +2,7 @@ import { render, screen, fireEvent } from "@testing-library/react";
 import { NavbarWithRouter } from "./bar";
 import { Router } from "react-router-dom";
 import { createMemoryHistory } from "history";
+import { AuthTokenContext } from "../auth/tokenContext";
 
 describe("Navbar", () => {
   let history;
@@ -13,15 +14,21 @@ describe("Navbar", () => {
     history = null;
   });
 
-  it("should contain three links", () => {
-    renderWithRouter(history);
+  it("should contain four links, including logout", () => {
+    renderWithRouter({ history });
     expect(screen.getByText(/WO/).closest("a").href).toMatch("/");
     expect(screen.getByText(/Upload/).href).toMatch("/upload");
     expect(screen.getByText(/Maps/).href).toMatch("/maps");
+    expect(screen.getByText(/Log Out/).href).toMatch("/auth/logout");
+  });
+
+  it("should contain signin link", () => {
+    renderWithRouter({ history, authToken: "" });
+    expect(screen.getByText(/Sign In/).href).toMatch("/auth/login");
   });
 
   it("should cycle through all pages, default on home page", () => {
-    renderWithRouter(history);
+    renderWithRouter({ history });
     expect(history.location.pathname).toEqual("/");
     fireEvent.click(screen.getByText(/Upload/));
     expect(history.location.pathname).toEqual("/upload");
@@ -29,13 +36,23 @@ describe("Navbar", () => {
     expect(history.location.pathname).toEqual("/maps");
     fireEvent.click(screen.getByText(/WOAQ/).closest("a"));
     expect(history.location.pathname).toEqual("/");
+    fireEvent.click(screen.getByText(/Log Out/));
+    expect(history.location.pathname).toEqual("/auth/logout");
+  });
+
+  it("should direct to sign in link", () => {
+    renderWithRouter({ history, authToken: "" });
+    fireEvent.click(screen.getByText(/Sign In/));
+    expect(history.location.pathname).toEqual("/auth/login");
   });
 });
 
-const renderWithRouter = (history) => {
+const renderWithRouter = ({ history, authToken = "fakeToken" } = {}) => {
   return render(
-    <Router history={history}>
-      <NavbarWithRouter />
-    </Router>
+    <AuthTokenContext.Provider value={{ authToken }}>
+      <Router history={history}>
+        <NavbarWithRouter />
+      </Router>
+    </AuthTokenContext.Provider>
   );
 };
diff --git a/web/src/components/nav/index.test.js b/web/src/components/nav/index.test.js
index 74e20c73..0d555eed 100644
--- a/web/src/components/nav/index.test.js
+++ b/web/src/components/nav/index.test.js
@@ -1,5 +1,6 @@
 import { render, screen, fireEvent } from "@testing-library/react";
 import { Navigation } from "./";
+import { AuthTokenContext } from "../auth/tokenContext";
 
 /**
  * gl-js used in "box" component has hard requirements for browser apis. it cannot run in jest
@@ -14,23 +15,51 @@ jest.mock("../map", () => () => <></>);
 jest.mock("../upload", () => () => <></>);
 
 describe("Navigation", () => {
-  it("should stay on home page", () => {
-    render(<Navigation />);
-    // Use quotes to get exact match, avoiding conflict with "WOAQ" in welcome message.
+  it("should stay on home page when signed in", () => {
+    renderNavigation();
     fireEvent.click(screen.getByText("WOAQ"));
     expect(window.location.pathname).toEqual("/");
     expect(screen.getByText(/Welcome/)).toBeInTheDocument();
+    expect(screen.queryByText(/Sign in to upload/)).not.toBeInTheDocument();
   });
 
-  it("should navigate to upload page", () => {
-    render(<Navigation />);
+  it("should redirect to sign in from home when logged out", () => {
+    renderNavigation({ authToken: "" });
+    fireEvent.click(screen.getByText("WOAQ"));
+    expect(window.location.pathname).toEqual("/auth/login");
+    expect(screen.queryByText(/Sign in to upload/)).toBeInTheDocument();
+  });
+
+  it("should navigate to upload page when signed in", () => {
+    renderNavigation();
     fireEvent.click(screen.getByText(/Upload/));
     expect(window.location.pathname).toEqual("/upload");
   });
 
-  it("should navigate to map page", () => {
-    render(<Navigation />);
+  // FIXME: Upload page is failing to redirect
+  it.skip("should redirect to sign in from upload when logged out", async () => {
+    renderNavigation({ authToken: "" });
+    fireEvent.click(screen.getByText(/Upload/));
+    expect(window.location.pathname).toEqual("/auth/login");
+    expect(screen.queryByText(/Sign in to upload/)).toBeInTheDocument();
+  });
+
+  it("should navigate to map page when signed in", () => {
+    renderNavigation();
+    fireEvent.click(screen.getByText(/Maps/));
+    expect(window.location.pathname).toEqual("/maps");
+  });
+
+  it("should show map even when logged out", () => {
+    renderNavigation({ authToken: "" });
     fireEvent.click(screen.getByText(/Maps/));
     expect(window.location.pathname).toEqual("/maps");
   });
 });
+
+const renderNavigation = ({ authToken = "fakeToken" } = {}) =>
+  render(
+    <AuthTokenContext.Provider value={{ authToken }}>
+      <Navigation />
+    </AuthTokenContext.Provider>
+  );
diff --git a/web/src/components/nav/switch.js b/web/src/components/nav/switch.js
index 3af357e2..593ecd9d 100644
--- a/web/src/components/nav/switch.js
+++ b/web/src/components/nav/switch.js
@@ -4,16 +4,17 @@ import { Map } from "../map";
 import { Upload } from "../upload";
 import { Home } from "../home";
 import { About } from "../about";
+import { Login } from "../auth/login";
+import { Logout } from "../auth/logout";
+import { Register } from "../auth/register";
 
-export const Navswitch = () => {
-  return (
-    <Switch>
-      {routes.map((route) => (
-        <Route key={route.path} {...route} />
-      ))}
-    </Switch>
-  );
-};
+export const Navswitch = () => (
+  <Switch>
+    {routes.map((route) => (
+      <Route key={route.path} {...route} />
+    ))}
+  </Switch>
+);
 
 /**
  * Route data: includes the components to render
@@ -39,4 +40,19 @@ export const routes = [
     exact: true,
     component: About,
   },
+  {
+    path: "/auth/login",
+    exact: true,
+    component: Login,
+  },
+  {
+    path: "/auth/logout",
+    exact: true,
+    component: Logout,
+  },
+  {
+    path: "/auth/register",
+    exact: true,
+    component: Register,
+  },
 ];
diff --git a/web/src/components/ui/index.js b/web/src/components/ui/index.js
index 7199b95b..7d547222 100644
--- a/web/src/components/ui/index.js
+++ b/web/src/components/ui/index.js
@@ -17,6 +17,7 @@ export {
   Icon,
   Label,
   Grid,
+  Form,
 } from "semantic-ui-react";
 
 export const LinkedHeader = ({ ...props }) => (
diff --git a/web/src/components/upload/confirm.js b/web/src/components/upload/confirm.js
index 411de9df..04ed2afc 100644
--- a/web/src/components/upload/confirm.js
+++ b/web/src/components/upload/confirm.js
@@ -1,9 +1,9 @@
 import { PropTypes } from "prop-types";
-import { useState, useEffect } from "react";
+import { useState, useEffect, useContext } from "react";
 import { useHistory } from "react-router-dom";
 import axios from "axios";
 
-import { getFilesForm } from "./confirm.utils";
+import { getFilesForm, saveCollection } from "./utils";
 
 import {
   Segment,
@@ -18,7 +18,7 @@ import {
 
 import { UploadCancelModal } from "./cancelModal";
 import { Form } from "semantic-ui-react";
-import { apiUrlCollections } from "../../api.util";
+import { AuthTokenContext } from "../auth/tokenContext";
 
 /**
  * Allow the user to view data about their files
@@ -43,6 +43,7 @@ export const UploadConfirm = ({
   clearDustrakSerial,
   returnToDrop,
 }) => {
+  const { authToken } = useContext(AuthTokenContext);
   const [shouldShowCancelModal, setShouldShowCancelModal] = useState(false);
   const [isSaving, setIsSaving] = useState(false);
   const [filesForm, setFilesForm] = useState(new Form());
@@ -64,35 +65,28 @@ export const UploadConfirm = ({
   useEffect(() => {
     (async () => {
       if (isSaving) {
-        const options = {
-          headers: {
-            "Content-Type": "multipart/form-data",
-          },
-          cancelToken: cancelTokenSource.token,
-        };
-        try {
-          await axios.post(apiUrlCollections(), filesForm, options);
+        const { errorMessage } = await saveCollection(filesForm, authToken);
+        if (!errorMessage) {
           history.push({
             pathname: "/maps",
             state: {
               date: dustrakStart.format("MM/DD/YYYY"),
             },
           });
-        } catch (thrown) {
-          if (axios.isCancel(thrown)) {
-            alert("Canceled request to save uploads");
-          } else {
-            if (thrown.response) {
-              alert(`Failed to save uploads: ${thrown.response.data}`);
-            } else {
-              alert("Failed to save uploads");
-            }
-          }
+        } else {
+          alert(`Unable to upload files. ${errorMessage}`);
         }
         setIsSaving(false);
       }
     })();
-  }, [filesForm, dustrakStart, history, cancelTokenSource, isSaving]);
+  }, [
+    authToken,
+    filesForm,
+    dustrakStart,
+    history,
+    cancelTokenSource,
+    isSaving,
+  ]);
 
   /**
    * @modifies {isSaving} Notify component we are saving
diff --git a/web/src/components/upload/drop.js b/web/src/components/upload/drop.js
index b844447d..3d8bdc3c 100644
--- a/web/src/components/upload/drop.js
+++ b/web/src/components/upload/drop.js
@@ -28,7 +28,7 @@ import {
   getGpsStart,
   getDustrakSerial,
   getDustrakEnd,
-} from "./drop.utils";
+} from "./utils";
 
 /**
  * @property {Array<File>} files Array of files uploaded by user
diff --git a/web/src/components/upload/index.js b/web/src/components/upload/index.js
index a59f5c93..74f8cb38 100644
--- a/web/src/components/upload/index.js
+++ b/web/src/components/upload/index.js
@@ -5,6 +5,7 @@ import { UploadDrop } from "./drop";
 import { UploadConfirm } from "./confirm";
 import { Container } from "../ui";
 import { findDevice, getDevices } from "./utils";
+import { AuthBoundary } from "../auth/boundary";
 
 export const Upload = () => {
   const [files, setFiles] = useState([]);
@@ -26,32 +27,34 @@ export const Upload = () => {
   }, [dustrakSerial]);
 
   return (
-    <Container>
-      {phase === "drop" && (
-        <UploadDrop
-          files={files}
-          setFiles={setFiles}
-          proceedToConfirm={() => setPhase("confirm")}
-          setDustrakStart={setDustrakStart}
-          setDustrakEnd={setDustrakEnd}
-          setDustrakSerial={setDustrakSerial}
-        />
-      )}
-      {phase === "confirm" && (
-        <UploadConfirm
-          device={device}
-          files={files}
-          dustrakStart={dustrakStart}
-          dustrakEnd={dustrakEnd}
-          clearFiles={() => setFiles([])}
-          clearDustrakTimes={() => {
-            setDustrakStart(moment(""));
-            setDustrakEnd(moment(""));
-          }}
-          clearDustrakSerial={() => setDustrakSerial("")}
-          returnToDrop={() => setPhase("drop")}
-        />
-      )}
-    </Container>
+    <AuthBoundary>
+      <Container>
+        {phase === "drop" && (
+          <UploadDrop
+            files={files}
+            setFiles={setFiles}
+            proceedToConfirm={() => setPhase("confirm")}
+            setDustrakStart={setDustrakStart}
+            setDustrakEnd={setDustrakEnd}
+            setDustrakSerial={setDustrakSerial}
+          />
+        )}
+        {phase === "confirm" && (
+          <UploadConfirm
+            device={device}
+            files={files}
+            dustrakStart={dustrakStart}
+            dustrakEnd={dustrakEnd}
+            clearFiles={() => setFiles([])}
+            clearDustrakTimes={() => {
+              setDustrakStart(moment(""));
+              setDustrakEnd(moment(""));
+            }}
+            clearDustrakSerial={() => setDustrakSerial("")}
+            returnToDrop={() => setPhase("drop")}
+          />
+        )}
+      </Container>
+    </AuthBoundary>
   );
 };
diff --git a/web/src/components/upload/utils.js b/web/src/components/upload/utils.js
index 1d776adb..26cb122d 100644
--- a/web/src/components/upload/utils.js
+++ b/web/src/components/upload/utils.js
@@ -1,5 +1,10 @@
 import axios from "axios";
-import { apiUrlDevices } from "../../api.util";
+import moment from "moment-timezone";
+import {
+  apiUrlCollections,
+  apiUrlDevices,
+  authTokenHeaderFormat,
+} from "../../api.util";
 
 /**
  * Shape of device data stored in database
@@ -25,3 +30,213 @@ export const getDevices = async () => {
  */
 export const findDevice = (devices, serial) =>
   devices.find((device) => device.serial === serial) || {};
+
+/**
+ * Fill form with files and meta data
+ * @param {import('react-dropzone').FileWithPath} firstFile First and second files will be identified...
+ * @param {import('react-dropzone').FileWithPath} secondFile ...by server as gps and dustrak files
+ * @param {moment} dustrakStart Starting moment of session, to be stored as formatted string
+ * @param {moment} dustrakEnd Ending moment of session, to be stored as formatted string
+ * @param {string} pollutantId database id for the type of pollutant, coercible to an integer
+ * @returns {FormData} Files and Meta Data, to be send through API and to Database
+ */
+export const getFilesForm = ({
+  firstFile,
+  secondFile,
+  dustrakStart,
+  dustrakEnd,
+  pollutantId = "1",
+} = {}) => {
+  const filesForm = new FormData();
+  filesForm.append("upload_files", firstFile);
+  filesForm.append("upload_files", secondFile);
+  filesForm.append("starts_at", dustrakStart.format());
+  filesForm.append("ends_at", dustrakEnd.format());
+  filesForm.append("pollutant", pollutantId);
+  return filesForm;
+};
+
+/**
+ * If there are files, there must be exactly two. Otherwise, return an error message
+ * @param {number} fileCount derived from the length of the array of files
+ * @return {string} error message associated with count. empty if two
+ */
+export const messageForFileCount = (fileCount) => {
+  if ([0, 2].includes(fileCount)) return "";
+  if (fileCount < 2)
+    return "We need one GPS log file and one DusTrak cvs file. Please add a file to continue.";
+  if (fileCount > 2)
+    return "We need exactly one GPS log file and one DusTrak cvs file. Please remove additional files.";
+};
+
+/**
+ * Return an error message if any of the times are invalid
+ * @param {moment} dustrakStart
+ * @param {moment} dustrakEnd
+ * @param {moment} gpsStart
+ */
+export const messageForInvalidTime = (dustrakStart, dustrakEnd, gpsStart) =>
+  !dustrakStart.isValid() || !dustrakEnd.isValid() || !gpsStart.isValid()
+    ? "Files could not be uploaded. Try again or choose a different file."
+    : "";
+
+/**
+ * Return an error message if the gps start time is not within a four minute window of the dustrak start time
+ * @param {moment} dustrakStart
+ * @param {moment}  gpsStart
+ */
+export const messageForMismatchedTimes = (dustrakStart, gpsStart) =>
+  !gpsStart.isSame(dustrakStart, "day")
+    ? "Dates don't match. Please replace one of your files to continue."
+    : !gpsStart.isBetween(
+        dustrakStart.clone().subtract(2, "minutes"),
+        dustrakStart.clone().add(2, "minutes")
+      )
+    ? "Times don't match. Please replace one of your files to continue."
+    : "";
+
+/**
+ * If either gps or dustrak file is undefined, set an error message
+ * @param {Array<File | undefined>} files gps and dustrak file
+ * @returns {string} possible error message
+ */
+export const messageForMissingFileType = (files) =>
+  files.includes(undefined)
+    ? "We need one GPS log file and one DusTrak csv file. Please replace one of your files to continue."
+    : "";
+
+/**
+ * Takes two "mystery" files, checks for a dustrak and gps file, and places them in a specific order
+ * @param {Array<FileWithPath>} files files are unknown at this point
+ * @returns {Array<File | undefined>} gps and dustrak files are placed in a specific order, or are undefined
+ */
+export const identFiles = (files) => {
+  let gpsFile;
+  let dustrakFile;
+  files.forEach((file) => {
+    file.name.endsWith(".csv") && (dustrakFile = file);
+    file.name.endsWith(".log") && (gpsFile = file);
+  });
+  return [gpsFile, dustrakFile];
+};
+
+/**
+ * Serial number for the dustrak file is metadata in a specific place of the file
+ * @param {Array<string>} textLines content of the file as a list of each line
+ * @returns {string} the serial number as a string, or empty if file not long enough to have a serial number
+ */
+export const getDustrakSerial = (textLines) => {
+  const lineWithSerial = textLines.length > 2 ? textLines[2].split(",") : [""];
+  return lineWithSerial.length > 1 ? lineWithSerial[1].trim() : "";
+};
+
+/**
+ * Find the start datetime of the gps file.
+ * Assume it is within the first 10 lines of the gps file.
+ * @param {Array<string>} textLines content of the file as a list of each line
+ * @returns {moment} start datetime of gps file- valid or invalid
+ */
+export const getGpsStart = (textLines) => {
+  for (const line of textLines) {
+    if (line.startsWith("$GPRMC")) {
+      const lineFields = line.split(",", 10);
+      const startTime = lineFields[1];
+      const startDate = lineFields[9];
+      return moment.utc(`${startDate} ${startTime}`, "DDMMYYYY hh mm ss.SS");
+    }
+  }
+  return moment.utc("");
+};
+
+/**
+ * Find the start datetime of the dustrak file
+ * @param {Array<string>} textLines content of the file as a list of each line
+ * @returns {moment} start datetime of dustrak file- valid or invalid
+ */
+export const getDustrakStart = (textLines) => {
+  if (textLines.length > 7) {
+    const startTime = textLines[6].split(",")[1];
+    const startDate = textLines[7].split(",")[1];
+    return moment.tz(
+      `${startDate} ${startTime}`,
+      "MM-DD-YYYY hh:mm:ss a",
+      "America/Los_Angeles"
+    );
+  }
+  return moment("");
+};
+
+/**
+ * Find the stop datetime of the Dustrak File
+ * @param {Array<string>} textLines content of the file as a list of each line
+ * @param {moment} startDatetime start datetime of dustrak file- valid or invalid
+ * @returns {moment} the end datetime of dustrak file - valid or invalid
+ */
+export const getDustrakEnd = (textLines, startDatetime) => {
+  if (textLines.length > 8) {
+    const [days, hours, minutes] = textLines[8].split(",")[1].split(":");
+    return startDatetime
+      .clone()
+      .add(days, "days")
+      .add(hours, "hours")
+      .add(minutes, "minutes");
+  }
+  return moment("");
+};
+
+/**
+ * Take the meta data about the collection session from the top of the file
+ * @param {FileWithPath} file raw file
+ * @param {number} endLine last line to extract, above which we expect to already have the necessary content
+ * @returns {Array<string>} Text lines of File Content
+ */
+export const extractFileMetaContent = async (file, endLine = 10) => {
+  try {
+    const gpsContent = await file.text();
+    return gpsContent.split("\n", endLine);
+  } catch {
+    console.error("error getting data from the file");
+    return [""];
+  }
+};
+
+/**
+ * Save uploaded data to a collection
+ * @param {FormData} filesForm
+ * @param {string} authToken
+ * @modifies {API} creates a new collection entry
+ * @returns {{errorMessage: string}}
+ */
+export const saveCollection = async (filesForm, authToken) => {
+  let errorMessage = "";
+  const options = {
+    headers: {
+      Authorization: authTokenHeaderFormat(authToken),
+      "Content-Type": "multipart/form-data",
+    },
+  };
+  try {
+    await axios.post(apiUrlCollections(), filesForm, options);
+  } catch (e) {
+    errorMessage = getCollectionErrorMessage(
+      e?.response?.status,
+      e?.response?.data
+    );
+  } finally {
+    return { errorMessage };
+  }
+};
+
+/**
+ * Error message from failing to save the collection files
+ * @param {number} statusCode
+ * @param {Array<string>} data
+ * @returns {string}
+ */
+export const getCollectionErrorMessage = (statusCode, data) => {
+  if (statusCode === 401)
+    return "Authorization error. Please try logging in again.";
+  if (statusCode === 400 && data[0] === "Dustrak file already in database")
+    return "Dustrak file already in database";
+  return "An unknown error occurred.";
+};
diff --git a/web/src/components/upload/utils.test.js b/web/src/components/upload/utils.test.js
index f5a87a0b..fce271e3 100644
--- a/web/src/components/upload/utils.test.js
+++ b/web/src/components/upload/utils.test.js
@@ -1,12 +1,71 @@
-import { findDevice } from "./utils";
-//TODO: install 'fetch-mock' (https://www.npmjs.com/package/fetch-mock?activeTab=readme)
-// for until testing api requests
+import fs from "fs";
+import moment from "moment-timezone";
+import { apiUrlCollections } from "../../api.util";
+import { server, rest } from "../../serverHandlers";
+import {
+  findDevice,
+  getFilesForm,
+  messageForFileCount,
+  messageForInvalidTime,
+  messageForMismatchedTimes,
+  messageForMissingFileType,
+  identFiles,
+  getDustrakSerial,
+  getGpsStart,
+  getDustrakStart,
+  getDustrakEnd,
+  extractFileMetaContent,
+  getCollectionErrorMessage,
+  saveCollection,
+} from "./utils";
 
 describe.skip("getDevices", () => {
   it.todo("successfully fetch devices");
   it.todo("failed to fetch devices");
 });
 
+describe("getCollectionErrorMessage", () => {
+  it("should get auth error", () =>
+    expect(getCollectionErrorMessage(401, [])).toBe(
+      "Authorization error. Please try logging in again."
+    ));
+
+  it("should get duplicate error", () =>
+    expect(
+      getCollectionErrorMessage(400, ["Dustrak file already in database"])
+    ).toBe("Dustrak file already in database"));
+
+  it("should get an unknown error", () =>
+    expect(getCollectionErrorMessage(400, [])).toBe(
+      "An unknown error occurred."
+    ));
+});
+
+//TODO: as part of auth changes
+describe("saveCollection", () => {
+  it("should successfully upload data", async () => {
+    server.use(
+      rest.post(apiUrlCollections(), (_req, res, ctx) => {
+        return res(ctx.status(200));
+      })
+    );
+
+    const { errorMessage } = await saveCollection({}, "fakeToken");
+    expect(errorMessage).toBe("");
+  });
+
+  it("should handle failed upload", async () => {
+    server.use(
+      rest.post(apiUrlCollections(), (_req, res, ctx) => {
+        return res(ctx.status(400));
+      })
+    );
+
+    const { errorMessage } = await saveCollection({}, "fakeToken");
+    expect(errorMessage).toBe("An unknown error occurred.");
+  });
+});
+
 describe("findDevice", () => {
   const devices = [
     {
@@ -35,3 +94,328 @@ describe("findDevice", () => {
     expect(findDevice(devices)).toEqual({});
   });
 });
+
+describe("getFilesForm", () => {
+  it("should construct a valid files form", () => {
+    const firstFile = new File(["hello"], "hello.csv", { type: "text/csv" });
+    const secondFile = new File(["goodbye"], "goodbye.log", {
+      type: "text/log",
+    });
+
+    const dustrakStart = moment();
+    const dustrakEnd = moment();
+    const filesForm = getFilesForm({
+      firstFile,
+      secondFile,
+      dustrakStart,
+      dustrakEnd,
+    });
+    expect(filesForm.getAll("upload_files")).toHaveLength(2);
+    expect(filesForm.get("starts_at")).toEqual(dustrakStart.format());
+    expect(filesForm.get("ends_at")).toEqual(dustrakEnd.format());
+    expect(filesForm.get("pollutant")).toEqual("1");
+  });
+});
+
+describe("Message for File Count", () => {
+  it("should return an empty error when count is zero or two", () => {
+    expect(messageForFileCount(2)).toBeFalsy();
+    expect(messageForFileCount(0)).toBeFalsy();
+  });
+
+  it("should advise adding a file when too few are added", () => {
+    expect(messageForFileCount(1)).toMatch("add a file to continue");
+  });
+
+  it("should advise remove file(s) when too many are added", () => {
+    expect(messageForFileCount(3)).toMatch("remove additional files");
+  });
+});
+
+describe("messageForInvalidTime", () => {
+  let validTime;
+  let invalidTime;
+  beforeAll(() => {
+    validTime = moment();
+    invalidTime = moment("");
+  });
+
+  afterAll(() => {
+    validTime = null;
+    invalidTime = null;
+  });
+
+  it("should confirm times are valid and invalid", () => {
+    expect(validTime.isValid()).toBe(true);
+    expect(invalidTime.isValid()).toBe(false);
+  });
+
+  it("should return an error message if any time is invalid", () => {
+    expect(messageForInvalidTime(invalidTime, validTime, validTime)).toMatch(
+      "Files could not be uploaded"
+    );
+    expect(messageForInvalidTime(validTime, invalidTime, validTime)).toMatch(
+      "Files could not be uploaded"
+    );
+    expect(messageForInvalidTime(validTime, validTime, invalidTime)).toMatch(
+      "Files could not be uploaded"
+    );
+    expect(
+      messageForInvalidTime(invalidTime, invalidTime, invalidTime)
+    ).toMatch("Files could not be uploaded");
+  });
+
+  it("should return an empty string if all times are valid", () => {
+    expect(messageForInvalidTime(validTime, validTime, validTime)).toBeFalsy();
+  });
+});
+
+describe("Message for Missing File Type", () => {
+  it("should not return an error message if both files are defined", () => {
+    expect(
+      messageForMissingFileType([{ name: "gps.log" }, { name: "dustrak.csv" }])
+    ).toBeFalsy();
+  });
+
+  it("should return an error message if at least one file is undefined", () => {
+    expect(
+      messageForMissingFileType([undefined, { name: "dustrak.csv" }])
+    ).toMatch("replace one of your files");
+  });
+});
+
+describe("Identify GPS and Dustrak File", () => {
+  it("should have two undefined files", () => {
+    const [gpsFile, dustrakFile] = identFiles([
+      { name: "empty.txt" },
+      { name: "empty.txt" },
+    ]);
+    expect(gpsFile).toBeUndefined();
+    expect(dustrakFile).toBeUndefined();
+  });
+
+  it("should have GPS defined and Dustrak Undefined", () => {
+    const [gpsFile, dustrakFile] = identFiles([
+      { name: "gps.log" },
+      { name: "empty.txt" },
+    ]);
+    expect(gpsFile).toBeDefined();
+    expect(dustrakFile).toBeUndefined();
+  });
+
+  it("should have GPS undefined Dustrak defined", () => {
+    const [gpsFile, dustrakFile] = identFiles([
+      { name: "empty.txt" },
+      { name: "dustrak.csv" },
+    ]);
+    expect(gpsFile).toBeUndefined();
+    expect(dustrakFile).toBeDefined();
+  });
+
+  it("should have GPS and Dustrak defined", () => {
+    const [gpsFile, dustrakFile] = identFiles([
+      { name: "gps.log" },
+      { name: "dustrak.csv" },
+    ]);
+    expect(gpsFile).toBeDefined();
+    expect(dustrakFile).toBeDefined();
+  });
+});
+
+describe("messageForMismatchedTimes", () => {
+  let dustrakStart;
+  beforeAll(() => {
+    dustrakStart = moment();
+  });
+
+  afterAll(() => {
+    dustrakStart = null;
+  });
+
+  it("should error when gps time is too high and dates match", () => {
+    const gpsStart = dustrakStart.clone().add(3, "minutes");
+    expect(messageForMismatchedTimes(dustrakStart, gpsStart)).toMatch(
+      "Times don't match"
+    );
+  });
+
+  it("should error when gps time is too low and dates match", () => {
+    const gpsStart = dustrakStart.clone().subtract(3, "minutes");
+    expect(messageForMismatchedTimes(dustrakStart, gpsStart)).toMatch(
+      "Times don't match"
+    );
+  });
+
+  it("should error when gps date doesn't match", () => {
+    const gpsStart = dustrakStart.clone().subtract(3, "days");
+    expect(messageForMismatchedTimes(dustrakStart, gpsStart)).toMatch(
+      "Dates don't match"
+    );
+  });
+
+  it("should not error when gps time in range", () => {
+    const gpsStart = dustrakStart.clone().subtract(1, "minutes");
+    expect(messageForMismatchedTimes(dustrakStart, gpsStart)).toBeFalsy();
+
+    gpsStart.add(2, "minutes");
+    expect(messageForMismatchedTimes(dustrakStart, gpsStart)).toBeFalsy();
+  });
+});
+
+// TODO: Refactor to just standard arrays?
+const testDir = `${__dirname}/test-data`;
+describe("process gps and dustrak files", () => {
+  let validGps;
+  let gprmcMissing;
+  let gprmcCorrupt;
+  let validDustrak;
+  let wrongDustrak;
+  let missingStartDustrak;
+  let empty;
+
+  /**
+   * It is time-intensive to extract files.
+   * Run the process exactly once and make the data available to the whole test block
+   * Any test suites that rely on file data are placed in this test block
+   */
+  beforeAll(async () => {
+    const readFile = (path, opts = "utf8") =>
+      new Promise((resolve, reject) => {
+        fs.readFile(path, opts, (err, data) => {
+          if (err) reject(`error: ${err}`);
+          else resolve(data.toString().split("\n", 10));
+        });
+      });
+
+    const fileNames = [
+      "valid.log",
+      "gprmc_missing.log",
+      "gprmc_corrupt.log",
+      "valid.csv",
+      "wrong.csv",
+      "start_missing.csv",
+      "empty.txt",
+    ];
+    const filePromises = [];
+    for (const file of fileNames) {
+      const filePomise = readFile(`${testDir}/${file}`);
+      filePromises.push(filePomise);
+    }
+
+    [
+      validGps,
+      gprmcMissing,
+      gprmcCorrupt,
+      validDustrak,
+      wrongDustrak,
+      missingStartDustrak,
+      empty,
+    ] = await Promise.all(filePromises);
+  });
+
+  afterAll(() => {
+    validGps = null;
+    gprmcMissing = null;
+    gprmcCorrupt = null;
+    validDustrak = null;
+    wrongDustrak = null;
+    missingStartDustrak = null;
+    empty = null;
+  });
+
+  describe("getDustrakSerial", () => {
+    it("should find a valid dustrak serial", () => {
+      expect(getDustrakSerial(validDustrak)).toEqual("8530094612");
+    });
+
+    it("should handle a corrupted dustrak file with blank serial", () => {
+      expect(getDustrakSerial(empty)).toEqual("");
+    });
+
+    it("should handle a dustrak file missing its start", () => {
+      const corruptSerial = ["", "", ""];
+      expect(getDustrakSerial(corruptSerial)).toEqual("");
+    });
+  });
+
+  describe("getGpsStart", () => {
+    it("should find the time listed in the GPS", () => {
+      expect(getGpsStart(validGps).isValid()).toBe(true);
+    });
+
+    it("has an error from not finding a start datetime", () => {
+      expect(getGpsStart(gprmcMissing).isValid()).toBe(false);
+    });
+
+    it("should fail to create a valid moment in gps", () => {
+      expect(getGpsStart(gprmcCorrupt).isValid()).toBe(false);
+    });
+
+    it("should handle empty in gps module", () => {
+      expect(getGpsStart(empty).isValid()).toBe(false);
+    });
+  });
+
+  describe("getDustrakStart", () => {
+    it("finds the start and end dustrak datetimes", () => {
+      const startDatetime = getDustrakStart(validDustrak);
+      expect(startDatetime.isValid()).toBe(true);
+      expect(getDustrakEnd(validDustrak, startDatetime).isValid()).toBe(true);
+    });
+
+    it("moment handles non-datetime data", () => {
+      const startDatetime = getDustrakStart(wrongDustrak);
+      expect(startDatetime.isValid()).toBe(false);
+      expect(getDustrakEnd(wrongDustrak, startDatetime).isValid()).toBe(false);
+    });
+
+    it("cant find start and end", () => {
+      const startDatetime = getDustrakStart(missingStartDustrak);
+      expect(startDatetime.isValid()).toBe(false);
+      expect(getDustrakEnd(missingStartDustrak, startDatetime).isValid()).toBe(
+        false
+      );
+    });
+
+    it("should handle empty in dustrak modules", () => {
+      const startDatetime = getDustrakStart(empty);
+      expect(startDatetime.isValid()).toBe(false);
+      expect(getDustrakEnd(empty, startDatetime).isValid()).toBe(false);
+    });
+  });
+
+  describe("extractFileMetaContent", () => {
+    it("should parse a file with newline characters", async () => {
+      const mockFileBlob = { text: async () => "Line One\nLine Two" };
+      const textLines = await extractFileMetaContent(mockFileBlob);
+      expect(textLines).toHaveLength(2);
+      expect(textLines[0]).toMatch("Line One");
+      expect(textLines[1]).toMatch("Line Two");
+    });
+
+    it("should resolve to incorrect times", async () => {
+      const mockFileBlob = { text: async () => "" };
+      const textLines = await extractFileMetaContent(mockFileBlob);
+      expect(textLines).toHaveLength(1);
+      expect(textLines[0]).toBeFalsy();
+    });
+
+    it("should trigger an error", async () => {
+      const mockConsoleError = jest
+        .spyOn(console, "error")
+        .mockImplementation();
+      const mockFileBlob = {
+        text: async () => {
+          throw new Error();
+        },
+      };
+      const textLines = await extractFileMetaContent(mockFileBlob);
+      expect(textLines).toHaveLength(1);
+      expect(textLines[0]).toBeFalsy();
+      expect(mockConsoleError).toBeCalledWith(
+        "error getting data from the file"
+      );
+      mockConsoleError.mockRestore();
+    });
+  });
+});