Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Refactor pairing endpoints to use authorisation #50

Closed
f-fromont opened this issue Mar 14, 2022 · 1 comment · Fixed by #103
Closed

Refactor pairing endpoints to use authorisation #50

f-fromont opened this issue Mar 14, 2022 · 1 comment · Fixed by #103
Assignees
@scorpionknifes
Labels
Priority: Medium Status: Available This issue is available for some to pick up. Type: Feature The issue is about a new feature being introduced to the project.
Projects
Project

Comments

@f-fromont
Copy link
Contributor

Describe the task that needs to be done.
Currently, the endpoints can be accessed by anyone, and it would be better to secure the endpoint so that only authorised users are able to send requests to these endpoints

Depends on: #47 #48 #49 #33

Describe how a solution to your proposed task might look like (and any alternatives considered).
Once the user team sets up the tokens in the user database, we will be able to check if a request has the correct matching token to the token in the database.

We can then have a utility function that gets the id of the user who sent the request based on their token,
This has 2 benefits, it allows us to ensure only authorised users can make requests to these endpoints
and it also means we can access the userId of the sending user, rather than requiring it to be sent through

An example of the refactor could be the removal for sending the userID in addBuddy, instead the userId could be gather based on the access token
Notes
@f-fromont f-fromont added Priority: Medium Status: Review Needed The implementation has finished and someone has been approached for review. Type: Feature The issue is about a new feature being introduced to the project. labels Mar 14, 2022
This was referenced Mar 14, 2022
Closed
Closed
Closed
Closed
@scorpionknifes
Copy link
Member

LGTM

@scorpionknifes scorpionknifes added Status: Available This issue is available for some to pick up. and removed Status: Review Needed The implementation has finished and someone has been approached for review. labels Mar 14, 2022
@scorpionknifes scorpionknifes mentioned this issue Mar 18, 2022
Merged
9 tasks
@scorpionknifes scorpionknifes added this to To do in Project via automation Mar 20, 2022
@scorpionknifes scorpionknifes self-assigned this Mar 20, 2022
@scorpionknifes scorpionknifes moved this from To do to Done in Project Mar 20, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@scorpionknifes scorpionknifes

Labels
Priority: Medium Status: Available This issue is available for some to pick up. Type: Feature The issue is about a new feature being introduced to the project.
Projects
Project
Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Implement Auth Interceptor and refactor endpoints to use Auth scorpionknifes/backend
2 participants
@scorpionknifes @f-fromont