ai-cfia / membrane-backend

Membrane Backend: A centralized authentication service for Single Sign-On (SSO) enabling seamless token-based email verification across multiple client applications.
MIT License

Refactor State-Based Logic in authenticate function to Request-Type-Based Logic #27

Open CFIALeronB opened 1 year ago

CFIALeronB commented 1 year ago

Problem: The previous implementation of the authenticate function heavily relied on a state-based logic. This approach transitioned between multiple states such as INITIAL_STATE, AWAITING_EMAIL, EMAIL_SENT, and USER_AUTHENTICATED.

Solution: The function has now been refactored to handle different types of requests based on the presence and type of token in the request. Specifically:

  1. For requests with both a valid client JWT and an email:
    • The provided email is validated.
    • A verification token is generated and an email is sent to the provided address.
  2. For requests with a valid client JWT but without an email:
    • Users are redirected to the Louis login frontend.
  3. For requests where client JWT decoding fails:
    • The function attempts to decode using the verification token method, to validate users trying to confirm their emails.

In addition to the main changes, the following were done:

This change should make the code more streamlined, easier to maintain, and reduce potential points of failure.
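
The three request types listed in the issue, as an added sketch that is not code from the membrane-backend repository. It assumes HS256 tokens, constructed keys, a `typ` claim and hypothetical return labels; the fallback in case 3 uses a separate key and type check so that a token of one kind is never accepted as the other.

```python
import base64, hashlib, hmac, json, time

# Constructed keys for this example; the service's real key handling is not shown on the page.
CLIENT_KEY = b"constructed-client-key"
SERVER_KEY = b"constructed-server-key"

def _b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(claims, key):
    """Build a compact HS256 JWT from a claims dict."""
    head = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64(json.dumps(claims).encode())
    mac = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{_b64(mac)}"

def decode(token, key, expected_typ):
    """Verify signature, token type and expiry; raise ValueError on any failure."""
    try:
        head, body, sig = token.split(".")
        mac = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(mac, _unb64(sig)):
            raise ValueError("bad signature")
        claims = json.loads(_unb64(body))
    except (ValueError, TypeError) as exc:
        raise ValueError("invalid token") from exc
    if claims.get("typ") != expected_typ or claims.get("exp", 0) < time.time():
        raise ValueError("wrong type or expired")
    return claims

def authenticate(token, email=None):
    """Dispatch on request type, in the order the issue lists the cases."""
    try:
        decode(token, CLIENT_KEY, "client")
    except ValueError:
        # Case 3: not a client JWT, so try it as an email-verification token.
        try:
            return "authenticated", decode(token, SERVER_KEY, "verify")["sub"]
        except (ValueError, KeyError):
            return "rejected", None
    if email is None:
        return "redirect_to_login", None  # case 2
    if "@" not in email:  # stand-in for real email validation
        return "invalid_email", None
    verify = sign({"typ": "verify", "sub": email, "exp": time.time() + 300}, SERVER_KEY)
    return "email_sent", verify  # case 1; sending the email is out of scope here
```
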