A dynamic NewsAI dashboard that uses NLP to analyze news articles, visualize sentiment trends, and extract insights through interactive data visualizations.
Description
We need to implement a simple cookie-based authentication system for the platform, allowing users to sign up and sign in. We will manage the access token using cookies to maintain session security. This will be done without OAuth or other third-party authentication providers.
Requirements:
JWT Token Management:
Use a single JWT access token stored securely in an HTTP-only cookie.
The token should contain user information (e.g., user ID) and have an expiration time (e.g., 2-3 days).
Authentication Flow:
Sign Up:
Endpoint to create a new user and securely hash the password before storing it.
Validate input to ensure email format and password strength.
Sign In:
Endpoint to authenticate users by validating their credentials (email and password).
Upon successful login, generate an access token and store it in an HTTP-only cookie.
Logout:
Endpoint to clear the authentication cookie, effectively logging the user out.
Database Changes:
Create a User table in the database to store user information.
Ensure unique constraints on the email field to prevent duplicate accounts.
Optionally, add an index on the email field for efficient lookups during sign-in.
Cookie Security:
Set the HttpOnly flag so the cookie cannot be read by client-side scripts, and the Secure flag so it is only sent over HTTPS.
Set the SameSite attribute to Lax or Strict to limit cross-site request usage.
Set the expiration of the cookie to match the JWT access token expiration.
Security Considerations:
Passwords must be hashed securely using a library like bcrypt.
Ensure the JWT token is signed and validated correctly using a secret key.
Implement token expiration and invalidation.
Error Handling & Logging:
Provide appropriate error responses for invalid credentials, expired tokens, and unauthorized access.
Log key authentication events like failed login attempts and token issues.
Files to create/change:
src/api/routes/auth.py:
Defines routes for sign up, sign in, and logout.
src/api/models/user.py:
Defines the user data model, including fields like email, hashed password, and creation time.
src/api/schemas/auth.py:
Pydantic schemas for validating sign-up and sign-in requests and responses.
src/api/dependencies/auth.py:
Middleware to extract and verify JWTs from cookies for authenticated routes.
src/core/security.py:
Contains helper functions for password hashing, token generation, and cookie management.
Database Migrations:
Add a migration script for creating the users table.
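The token and cookie helpers the spec assigns to src/core/security.py, written here as an added example that is not the project's code: it mints and verifies an HS256 JWT with the standard library only, rejects forged and expired tokens (which the route layer would map to 401), and builds Set-Cookie values whose Max-Age matches the token lifetime. SECRET and the cookie name are constructed placeholders; password hashing with bcrypt is left to the library the issue names.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-placeholder-secret"  # placeholder; load the real key from config
TOKEN_TTL = 2 * 24 * 3600  # two days, inside the issue's 2-3 day window

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(signing_input: bytes, secret: bytes) -> str:
    return _b64url(hmac.new(secret, signing_input, hashlib.sha256).digest())

class TokenError(Exception):
    """Malformed, forged or expired token; the route layer maps this to 401."""

def create_access_token(user_id: int, secret: bytes = SECRET, now=None) -> str:
    """Mint an HS256 JWT carrying the user id (sub) with iat/exp claims."""
    now = int(time.time() if now is None else now)
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = {"sub": str(user_id), "iat": now, "exp": now + TOKEN_TTL}
    payload = _b64url(json.dumps(claims).encode())
    signing_input = f"{header}.{payload}"
    return f"{signing_input}.{_sign(signing_input.encode(), secret)}"

def verify_access_token(token: str, secret: bytes = SECRET, now=None) -> dict:
    """Check structure, pinned algorithm, signature and expiry, then return the claims."""
    try:
        header_b64, payload_b64, sig = token.split(".")
        header = json.loads(_b64url_decode(header_b64))
        if header.get("alg") != "HS256":  # never let the token choose the algorithm
            raise TokenError("unexpected alg")
        expected = _sign(f"{header_b64}.{payload_b64}".encode(), secret)
        if not hmac.compare_digest(sig, expected):  # constant-time comparison
            raise TokenError("bad signature")
        claims = json.loads(_b64url_decode(payload_b64))
        if int(time.time() if now is None else now) >= int(claims["exp"]):
            raise TokenError("token expired")
    except (ValueError, KeyError, AttributeError, TypeError) as exc:
        raise TokenError("malformed token") from exc
    return claims

def build_auth_cookie(token: str, name: str = "access_token") -> str:
    """Set-Cookie value with the required flags; Max-Age matches the JWT lifetime."""
    return f"{name}={token}; Max-Age={TOKEN_TTL}; Path=/; HttpOnly; Secure; SameSite=Lax"

def build_logout_cookie(name: str = "access_token") -> str:
    # Max-Age=0 expires the cookie immediately, which is how logout clears it
    return f"{name}=; Max-Age=0; Path=/; HttpOnly; Secure; SameSite=Lax"
```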
Folder Structure to Follow:
Checklist:
Passwords hashed securely using bcrypt.
Sign up route created for user registration.
Sign in route created for user authentication and cookie setup.
Logout route created to clear the authentication cookie.
Migration added for the users table.
Considerations: