DB collection for group hashed password (separating logic, since not all groups are private and to prevent accidental group password to client).
Authorization with JWT token (7 day exp) and cookie.
Frontend
pages/auth/:groupID.
Proper redirection based on status code.
Util
To handle exceptions more explicitly, I've created a class ApiError and some child classes, documented at ./src/api-lib/util/exceptions/apiExceptions.js, these should be thrown as error or pass in callbacks, they have additional information like statusCode, message and err. These will also log out the error when the constructor is called.
Note:
Currently I'm using cookie to store these jwt token, but I just realized that localStorage might have been a better solution since one user should have access to multiple private groups.
Will make a separate PR for this.
Backend
pages/api/auth/:groupID
validatePassword
functionsFrontend
pages/auth/:groupID
.Util
ApiError
and some child classes, documented at./src/api-lib/util/exceptions/apiExceptions.js
, these should be thrown as error or pass in callbacks, they have additional information likestatusCode
,message
anderr
. These will also log out the error when the constructor is called.Note:
Currently I'm using cookie to store these jwt token, but I just realized that localStorage might have been a better solution since one user should have access to multiple private groups. Will make a separate PR for this.
close #84 close #73 close #74