Membrane Backend: A centralized authentication service for Single Sign-On (SSO) enabling seamless token-based email verification across multiple client applications.
MIT License
Refactor Authentication Mechanism for Improved Usability and Security #18
Problem:
The current mix of POST and GET methods for authentication can lead to confusion and potential issues in token handling. There's also a lack of a mechanism to handle token blacklisting and seamless redirection after authentication.
Proposed Solution:
Implement a staged authentication flow.
The authenticate function should handle different stages using session data.
Transition from a mixture of POST and GET to a more streamlined staged approach.
Modify the current test suite to accommodate these changes.
Ensure new test cases are added to check for token blacklisting and reauthentication attempts.
Update the JWT token structure to include a redirect URL.
This will ensure that users are redirected to the intended URL after successful authentication.
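An added sketch, not Membrane's own code, of the token shape this issue proposes: an HS256 JWT that carries the redirect URL, is checked against a host allow-list, and is blacklisted by its `jti` once redeemed so a reauthentication attempt fails. The claim names, `ALLOWED_HOSTS`, the in-memory blacklist and the key are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, time
from urllib.parse import urlsplit

SECRET = b"constructed-demo-key"      # constructed value; use a managed secret
ALLOWED_HOSTS = {"app.example.com"}   # assumption: registered client app hosts
_blacklist = set()                    # assumption: in-memory; use a shared store

def _b64(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _sign(signing_input):
    mac = hmac.new(SECRET, signing_input.encode(), hashlib.sha256)
    return _b64(mac.digest())

def redirect_allowed(url):
    # Exact-host allow-list over https; backslashes are rejected because
    # browsers and urlsplit disagree on how to parse them.
    parts = urlsplit(url)
    return ("\\" not in url and parts.scheme == "https"
            and parts.hostname in ALLOWED_HOSTS)

def issue_token(email, redirect, jti, ttl=600, now=None):
    """Build an HS256 JWT whose claims carry the post-login redirect URL."""
    if not redirect_allowed(redirect):
        raise ValueError("redirect target not allowed")
    now = int(time.time()) if now is None else now
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = {"sub": email, "redirect": redirect, "jti": jti, "exp": now + ttl}
    body = _b64(json.dumps(claims).encode())
    return f"{header}.{body}.{_sign(header + '.' + body)}"

def redeem_token(token, now=None):
    """Return the redirect URL for a valid token; each token redeems once."""
    now = int(time.time()) if now is None else now
    header, body, sig = token.split(".")   # ValueError if not three parts
    # The algorithm is fixed to HS256 here; the header's alg is never trusted.
    if not hmac.compare_digest(sig.encode(), _sign(f"{header}.{body}").encode()):
        raise ValueError("bad signature")
    claims = json.loads(base64.urlsafe_b64decode(body + "=" * (-len(body) % 4)))
    if claims["exp"] <= now:
        raise ValueError("token expired")
    if claims["jti"] in _blacklist:
        raise ValueError("token already used")
    if not redirect_allowed(claims["redirect"]):   # allow-list may have changed
        raise ValueError("redirect target not allowed")
    _blacklist.add(claims["jti"])
    return claims["redirect"]
```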