Authentication to do list #95

Open
2 of 11 tasks
knox153 opened this issue Jul 23, 2020 · 0 comments

knox153 commented Jul 23, 2020

Round 2 (☞゚ヮ゚)☞

  • Clean up the database, there are some invalid documents in there (outdated schema, empty field, etc.). It might be easier to delete everything and create new data lol
  • Verify user after account creation
  • Password reset - need to create a new email and set up the server to send email with reset token. Token has to be pseudorandom, encrypted, and have an expiry date
  • Remember me checkbox
  • Show hidden password icon
  • Add spinner when request is sent
  • Rate limit to mitigate dictionary attack
  • Third party authentication (Facebook, Twitter, GitHub, etc.)
  • Configure Content Security Policy (can be checked with https://securityheaders.com/)
  • Add CSRF tokens / double submit cookie
  • Multi-factor authentication