Getting the authentication flow set up

JesseObrien / fake-iot

Fake IoT Project

0 stars 0 forks source link

Getting the authentication flow set up #3

Closed JesseObrien closed 3 years ago

JesseObrien commented 3 years ago

/login and /logout are working
Need to validate the user credentials properly
Need to ensure there's no security problems with the flow

JesseObrien commented 3 years ago

Yeah I thought about keeping the cookie around because it does add that layer of security with having the HttpOnly non-modifiable token in it. Agreed.