Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

password protected access #63

Closed
ghost opened this issue Apr 6, 2020 · 3 comments
Closed

password protected access #63

ghost opened this issue Apr 6, 2020 · 3 comments
Assignees
@padurean
Labels
back-end enhancement New feature or request

Comments

@ghost
Copy link

ghost commented Apr 6, 2020
edited by mmeloni
Loading

JWT inside gRPC
https://grpc.io/docs/guides/auth/#extending-grpc-to-support-other-authentication-mechanisms
manage token expire error
Add to immugw
@ghost ghost added back-end enhancement New feature or request labels Apr 6, 2020
@ghost
Copy link
Author

ghost commented Apr 6, 2020
edited by ghost
Loading

We would like that when the user starts the first time the app then he/she get a password to login. This password is encrypted and saved in the config file on the server. Call to the server are within a session with login -u -p and logout. Initially, the default username is immu.

@ghost ghost assigned mmeloni Apr 6, 2020
@mmeloni mmeloni assigned padurean and unassigned mmeloni Apr 7, 2020
@ghost
Copy link
Author

ghost commented Apr 10, 2020

We should have a logout command.
We should only store the private key inside sever conf.
Human readable messages.
Handle the case when the token on client is tampered/modified.

@ghost
Copy link
Author

ghost commented Apr 10, 2020

I have tested the last changes and we need the following modifications:

  • no extra files on server, only store the encrypted password in the server config file
  • when the section related to the password in the config file is empty, then the whole password generation can begin again
  • only human-readable error messages
  • a logout command

@padurean padurean mentioned this issue Apr 12, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@padurean padurean

Labels
back-end enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@padurean @mmeloni