Please, whatever you eventually choose to do, make sure to continually reference this amazing website whenever you are implementing any interactable part.

https://cheatsheetseries.owasp.org/

It has cheat sheets for securely implementing everything from login forms, preventing common vulnerabilities (at least look at sheets for Top 10), forgoten password flows, storing passwprds and more.

From the top of my head, If you are building it from a scratch without a framework, you will definitely want to at least look into cheat sheets about input validation, injection prevention, password storage, session management, file upload and authorization with authentication.

They are not that long, and should prevent the most critical and common vulnerabilities you will probably have, where the prevention isn’t too difficult, once you know about it.