Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add authentication middleware #5

Open
daniel-orlov opened this issue Jul 26, 2023 · 0 comments
Open

Add authentication middleware #5

daniel-orlov opened this issue Jul 26, 2023 · 0 comments
Assignees
@daniel-orlov
Labels
enhancement New feature or request

Comments

@daniel-orlov
Copy link
Owner

Is your feature request related to a problem? Please describe.
Currently, our server lacks a standardized and secure authentication mechanism. We need a robust solution to authenticate users based on their username and password, ensuring that only authorized users can access protected resources and perform sensitive operations. Implementing username-password authentication as a middleware will help us improve the overall security posture of our application.

Describe the solution you'd like
I propose the addition of an authentication middleware based on username-password authentication to our server. This middleware should handle the following key functionalities:

  1. User Registration: Provide an endpoint to allow new users to create an account with a unique username and a strong, securely hashed password.
  2. User Login: Implement an endpoint that accepts a username and password and verifies them against the stored credentials. Successful authentication should generate a session token or JSON Web Token (JWT) for subsequent authenticated requests.
  3. Password Management: Include mechanisms for users to reset their passwords securely in case they forget or need to change them.
  4. Password Encryption: Ensure that user passwords are securely hashed and encrypted using a strong cryptographic algorithm to prevent unauthorized access to sensitive information.
  5. Session Management: Maintain authenticated user sessions securely to provide seamless access to protected resources without repeated logins.

Describe alternatives you've considered
Currently, we might be using basic authentication or no authentication at all. However, implementing a dedicated authentication middleware with username-password authentication will significantly enhance the security of our application and provide a more user-friendly login experience.

Additional context
The addition of username-password authentication middleware will strengthen our server's security and protect user accounts from unauthorized access. Any specific preferences or requirements, such as the choice of encryption algorithms or session management approach, should be discussed in more detail.

This is related to #3
@daniel-orlov daniel-orlov added the enhancement New feature or request label Jul 26, 2023
@daniel-orlov daniel-orlov self-assigned this Jul 26, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@daniel-orlov daniel-orlov

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@daniel-orlov