Open SuperVK opened 1 month ago
One of the ideas that I had to prevent people having to enter their AD passwords would be a QR-code flow with a callback?
Yeah, would be more ideal, but requires some more thought on the backend, so maybe a QoL for later?
Is this a feature for the SudoSOS point of sale or for the SudoSOS dashboard?
Point of sale
What would you like?
We should implement the POS user authentication from https://github.com/GEWIS/sudosos-backend/issues/62, as also described in https://github.com/GEWIS/sudosos-backend/pull/232.
This means the flow should be as follows: After loading the POS website, you are prompted with the same login as the dashboard. After logging in with your user account, you can log into one of the POSes you own, receiving a token for the POS that you just logged into. After logging into a POS, the normal keypad appears. Now product queries and user queries should be made with the POS token, and the transaction should be made with the user token after using the PIN code.
Why is this needed?
Because then every user cannot get every other user anymore, and admins can no longer make admin requests with their PIN code, making the system more secure.
Other information
We should probably take the login screen logic away from the dashboard, and put this in some sort of common place.
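
The token separation requested in this issue, sketched as an added example that is not part of the original issue and is not SudoSOS code. All type and function names, the scope strings and the sample users are assumptions made for illustration; claims are plain objects here, where a real backend would carry them in signed tokens.

```typescript
// Added illustration, not SudoSOS code: every name below is hypothetical.
type PosScope = "pos:read" | "transaction:create" | "admin";
type PosAction = "listProducts" | "listUsers" | "createTransaction" | "adminRequest";
interface TokenClaims { sub: string; kind: "user" | "pos" | "pin"; scopes: PosScope[]; posId?: string }
interface PosUser { id: string; pin: string; admin: boolean; ownsPos: string[] }

// Constructed sample data (a real system stores PIN hashes, not PINs).
const users: PosUser[] = [
  { id: "alice", pin: "1234", admin: true, ownsPos: ["bar"] },
  { id: "bob", pin: "4321", admin: false, ownsPos: [] },
];
const findUser = (id: string): PosUser | undefined => users.filter((u) => u.id === id)[0];

// Which scope each request needs.
const required: Record<PosAction, PosScope> = {
  listProducts: "pos:read",
  listUsers: "pos:read",
  createTransaction: "transaction:create",
  adminRequest: "admin",
};

// Step 1: the dashboard-style login yields a user token (credential check omitted,
// scopes simplified to the admin flag).
function userToken(userId: string): TokenClaims | null {
  const u = findUser(userId);
  if (!u) return null;
  return { sub: u.id, kind: "user", scopes: u.admin ? ["admin"] : [] };
}

// Step 2: a logged-in user may open only a POS they own; the POS token can read, nothing else.
function posLogin(user: TokenClaims | null, posId: string): TokenClaims | null {
  const u = user && user.kind === "user" ? findUser(user.sub) : undefined;
  if (!u || u.ownsPos.indexOf(posId) === -1) return null;
  return { sub: "pos:" + posId, kind: "pos", scopes: ["pos:read"], posId };
}

// Step 3: a PIN entered at an authenticated POS yields a token that can only create
// transactions, even when the PIN belongs to an admin.
function pinLogin(pos: TokenClaims | null, userId: string, pin: string): TokenClaims | null {
  const u = findUser(userId);
  if (!pos || pos.kind !== "pos" || !u || u.pin !== pin) return null;
  return { sub: u.id, kind: "pin", scopes: ["transaction:create"] };
}

function authorize(token: TokenClaims | null, action: PosAction): boolean {
  return token !== null && token.scopes.indexOf(required[action]) !== -1;
}
```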