search

TheTrueHonker / DSA-Kaempfer-Backend

The backend server for the DSA Kaempfer frontend
GNU General Public License v3.0
0 stars 0 forks source link

Login/Registration API #1

Open TheTrueHonker opened 2 months ago

TheTrueHonker commented 2 months ago

An API for creating and authorize users.

This is needed for the login page. A user system is needed to manage characters & campaigns, create fights and to use the DM tools.

Yagnnoz commented 2 months ago

Personally I would not want to add user registration. This might lead to gigantic problems regarding security. I would propose to just use a social login like Google. That way the actual authentication, password storage, etc is handled by Google and not by us.

TheTrueHonker commented 2 months ago

Then we would only store email and a username (entered after first sign-up, when username does not exist yet). That should be the bare minimum to store.

I guess the api calls to the google API is handled in the frontend and the connection between the google account and our user is handled via backend. The link between those 2 would be the e-mail.

This website shows how the google API works: https://medium.com/@sallu-salman/implementing-sign-in-with-google-in-spring-boot-application-5f05a34905a8