Open Yaswanthtoga opened 6 months ago
Hi @Yaswanthtoga @Mayank2808sharma, I would like to work on this. Is there any token algorithm other than JWT that you already have in mind, or should I look into it? And what I get is that I mostly need to make changes in the middleware files and in the authController.js in controller.
Hey @Yaswanthtoga, Thanks for the suggestion. I agree, adding an extra layer of authorization for admins sounds like a smart move to enhance security. Let's go ahead and implement it.
Should I assign it to you?
Yeah, sure, @Mayank2808sharma
👋 Hello! I'd be happy to help with this issue. Could you please assign it to me? Additionally, could you please label it for the appropriate level? Thank you! 🚀
Hey! Can you assign me this task? I can do it in a minimum amount of time.
Hi @Mayank2808sharma,
Adding an extra layer of authorization for admins sounds like a prudent security measure. By providing admins with both a JWT token and a unique API token, you're ensuring that sensitive operations are further protected. The JWT token can handle operations where both user roles are involved, while the API token specifically caters to admin tasks like scheduling a train.
While it might seem overwhelming at first, this enhancement will definitely bolster security and provide better control over administrative functions. It's always beneficial to prioritize security, especially when handling sensitive operations. What are your thoughts on implementing this additional layer of authorization?
If you are OK with it, I will work on this issue.
Thanks