JWT Cookie Authentication #437
preparation for matriculation tests
I just added a few general remarks and thoughts to the code, which came up when I read it. These are meant for u as feedback of what I thought when reading it, so feel free to do with these comments as u see fit.
In general I think the code quality is very high and I didn't see any obvious bugs.
Few further remarks:
- on the About page the html tag should probably use the rel attribute (https://web.dev/external-anchors-use-rel-noopener/)
- if u are logged in, open another tab, visit the same page, logout on one of these pages, the other isn't redirected to the login page. The information isn't loaded anymore so that's fine but I would expect a redirect. Also on the Settings page the change password component is still displayed and can actually be used to relogin by providing a password which isn't expected behaviour I believe.
- lots of unused imports, maybe clean that up at some point :)
Description
Implements #186, #289
I would like to wait for the test branch before merging and testing this.
Should not influence any production code though.
To run this, webpack will need to spin up a reverse proxy with TLS encryption. Use the following command to generate a localhost certificate (browser will tell you that it is untrusted):
openssl req -x509 -nodes -days 1024 -newkey rsa:2048 -keyout certs/localhost.key -out certs/localhost.crt -extensions 'v3_req' -subj '/C=DE/ST=NRW/L=Paderborn/CN=localhost'
Caution: highly WIP. Currently using different certs to debug pipeline:
Reason for this PR
Changes in this PR
Type of change (remove all that don't apply)
How Has This Been Tested?
Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration
Test Configuration:
OS: Windows
Browser: Chrome
Frontend: (remove all that don't apply)
Backend: (remove all that don't apply)
Checklist: (remove all that don't apply)
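
The certificate step from the PR description above, as an added example that is not part of the PR: it generates the same kind of self-signed localhost certificate and then checks what was produced (SAN entry, key/certificate match, validity window). The function names and the temporary directory are assumptions, and the command differs from the PR's in that it drops `-extensions 'v3_req'` and adds a `subjectAltName` via `-addext`, since Chrome matches hostnames against the SAN rather than the CN.

```shell
#!/bin/sh
# Added example, not code from the PR. Function names and paths are assumptions.

# gen_localhost_cert DIR: write DIR/localhost.key and DIR/localhost.crt.
gen_localhost_cert() {
    mkdir -p "$1" || return 1
    # Same key type, lifetime and subject as the PR's command, plus a
    # subjectAltName entry (-addext needs OpenSSL 1.1.1 or newer).
    openssl req -x509 -nodes -days 1024 -newkey rsa:2048 \
        -keyout "$1/localhost.key" -out "$1/localhost.crt" \
        -subj '/C=DE/ST=NRW/L=Paderborn/CN=localhost' \
        -addext 'subjectAltName=DNS:localhost' 2>/dev/null || return 1
    # -nodes leaves the private key unencrypted: restrict it to the owner.
    chmod 600 "$1/localhost.key"
}

# cert_has_san CRT NAME: succeed if the certificate lists DNS:NAME as a SAN.
cert_has_san() {
    openssl x509 -in "$1" -noout -text | grep -Eq "DNS:$2(,| |\$)"
}

# cert_matches_key CRT KEY: succeed if both files carry the same public key.
cert_matches_key() {
    [ -s "$1" ] && [ -s "$2" ] || return 1
    crt_pub=$(openssl x509 -in "$1" -noout -pubkey | openssl sha256)
    key_pub=$(openssl pkey -in "$2" -pubout | openssl sha256)
    [ "$crt_pub" = "$key_pub" ]
}

# cert_valid_for CRT SECONDS: succeed if CRT is still valid SECONDS from now.
cert_valid_for() {
    openssl x509 -in "$1" -noout -checkend "$2" >/dev/null
}

# Demo in a throwaway directory.
demo_dir=$(mktemp -d) && gen_localhost_cert "$demo_dir" \
    && cert_has_san "$demo_dir/localhost.crt" localhost \
    && cert_matches_key "$demo_dir/localhost.crt" "$demo_dir/localhost.key" \
    && cert_valid_for "$demo_dir/localhost.crt" 86400 \
    && echo "localhost certificate checks passed"
rm -rf "$demo_dir"
```

The certificate is still self-signed, so the browser warning mentioned in the PR description remains until the certificate is explicitly trusted on the development machine.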