More secure default group authentication #30

Closed
opened 2022-04-24 13:01:31 -04:00 by william · 1 comment
Owner

When setting a default group for a computer:

  • The user sets a unique name for the computer
  • The system generates a UUID from that name (UUID v3)
  • The system sets a cookie in the browser with the UUID

To log in:

  • The user has to send a request with the UUID cookie
  • The system generates a JWT with the UUID as subject
william added the feature, backend labels 2022-04-24 13:01:31 -04:00
william self-assigned this 2022-04-24 13:01:31 -04:00
william added this to the Release 2.0 project 2022-04-24 13:01:31 -04:00
william referenced this issue from a commit 2022-04-25 22:05:12 -04:00
Author
Owner

The app admin should be able to remove/disable group tokens, which removes the token from a whitelist to prevent JWT tokens already logged in from accessing the app. The whitelist will be built at startup from the database group tokens, and will be updated when adding a new group token.

The tokens should not be assignable to more than one browser. Thus, after being created, the group tokens will not be editable or re-assignable.
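
A sketch of the flow described in the issue and the comment above, added here as an illustration and not taken from the ColorRecipesExplorer code base: a UUID v3 group token, a JWT with that UUID as subject, and a whitelist that is checked on every request so that disabling a token also cuts off JWTs already issued. The namespace, the signing key, the HS256 choice and all function and class names are assumptions.

```python
import base64, hashlib, hmac, json, uuid

NAMESPACE = uuid.NAMESPACE_DNS      # assumed namespace; the issue does not name one
SECRET = b"constructed-demo-key"    # constructed signing key, for the example only

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def group_token_uuid(computer_name: str) -> str:
    # UUID v3 is an MD5 hash of namespace + name: deterministic, not random.
    return str(uuid.uuid3(NAMESPACE, computer_name))

def _sign(signing_input: str) -> str:
    return _b64(hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest())

class GroupTokenAuth:
    def __init__(self, db_group_tokens):
        # Whitelist built at startup from the group tokens stored in the database.
        self.whitelist = set(db_group_tokens)

    def add_group_token(self, computer_name):
        token = group_token_uuid(computer_name)
        if token in self.whitelist:
            raise ValueError("computer name already in use")
        self.whitelist.add(token)
        return token  # value the server would set as the browser cookie

    def disable_group_token(self, token):
        self.whitelist.discard(token)

    def login(self, cookie_uuid):
        if cookie_uuid not in self.whitelist:
            return None
        header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
        payload = _b64(json.dumps({"sub": cookie_uuid}).encode())
        signing_input = f"{header}.{payload}"
        return f"{signing_input}.{_sign(signing_input)}"

    def authorize(self, jwt):
        try:
            header, payload, sig = jwt.split(".")
        except ValueError:
            return None
        if not hmac.compare_digest(sig.encode(), _sign(f"{header}.{payload}").encode()):
            return None
        padded = payload + "=" * (-len(payload) % 4)
        sub = json.loads(base64.urlsafe_b64decode(padded))["sub"]
        # A valid signature is not enough: the subject must still be whitelisted.
        return sub if sub in self.whitelist else None
```

Because the cookie value is derived from the computer name alone, the whitelist lookup in `authorize` is what makes revocation effective for sessions that already hold a signed JWT.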

Reference: ColorRecipesExplorer/Backend#30