-
Notifications
You must be signed in to change notification settings - Fork 1
Authentication
Authentication in Hermes is crucial due to the sensitive nature of the data it handles. This includes private employee contracts, payroll data, and other confidential information. By implementing robust authentication mechanisms, we ensure that only authorized individuals have access to this data, thereby maintaining its integrity and confidentiality.
Hermes uses a simple yet secure form of authentication. When a user attempts to log in, their account credentials are verified against the information stored in the database. The password provided by the user is hashed and compared with the hashed password in the database to ensure a match.
Upon successful verification, a JSON Web Token (JWT) is generated. This token is then used for subsequent requests, providing the user with a secure and stateless authentication mechanism. The token ensures that the user is authenticated for all the interactions they have with the system until they log out or the token expires.