search

JoshuaBuditama / slowvid

0 stars 2 forks source link

Issues/82 health care professional user interface #88

Closed cskeogh closed 3 years ago

cskeogh commented 4 years ago

Implements a Health Care Professional (HCP) User Interface.

Security features:

  1. uses https to talk to the back-end
  2. only HCPs who have a valid key (signed by the back-end) installed in their browser can register, login, or confirm a user is positive. Keys are distributed securely to HCPs (key distribution is outside of this project's scope)
    1. Details on how to create the keys for the back-end and the HCPs are in the back-end/README.md and hcp-front-end/README.md
  3. Keys are RSA 4096 bit SHA256
  4. uses JWT for session authentication, signed by back-end key
  5. passwords are encrypted by bcrypt with level 10 salt.

Possible future enhancements (for another Issue):

  1. Once the HCP has their key, they can register, login and confirm a user is positive. There should be vetting before the HCP can confirm positive.
  2. Password minimum length checking.

Untitled

JoshuaBuditama commented 4 years ago

@cskeogh should the "certificates2" folder be automatically created or should I make one before generating the key? craig_pr88

cskeogh commented 4 years ago

@cskeogh should the "certificates2" folder be automatically created or should I make one before generating the key?

Ooops, that is meant to be "certificates", I was using "certificates2" for testing. Also it should create directory for you. I'll fix.

cskeogh commented 3 years ago

Did not have the Group Policy Object Editor in my windows management console (pictured below) so I skipped the steps that were related to the Group Policy object Editor (Steps followed https://superuser.com/a/1182358/1235035). Still worked just fine as far as I know though so maybe worth mentioning in case the marker also has the same issue?

Thank you, I'm glad it works. I updated the README.md

For some reason, my browser opened localhost:8004 but not localhost:8003 although the code set 8003 as the address.

I fixed this launch.json

Maybe mention that a registration is needed to create a mock HCP account? Just so that the marker won't be confused as to what credentials to use.

Done, added some text: Untitled

Add simple pop-up message like "Registration successful", "Login successful", etc. just to ensure that the marker knows what's going on I suppose?

Good idea, I've added this.

cskeogh commented 3 years ago

Closes #82