Open 4darsh-Dev opened 1 month ago
you remove the need for hard-coded credentials and increase security. The process involves setting up Django REST Framework with JWT, handling tokens in the web extension, and ensuring secure API requests. This approach not only secures the authentication mechanism but also aligns with best practices for modern web applications.
okay, It sounds great so first we need to setup user Authentication on our web app from where user can obtain access and refresh token with their credentials , which can work further and stored in chrome storage. We can also limit the usage of token requests for users.
Description
Currently in web extension credentials of username and password for authentication from django api (rest framework) is hard coded find ways to fix that security issue. While sending post request it is converted to base64.
Propose changes and how it can be solved