Description :
As a user, I want to securely log into the application using my credentials so that I can access personalized features and data. The login process should be secure, quick, and reliable, leveraging OAuth 2.0 for authentication and PyJWT for token management. The user credentials should be protected using AES encryption.
Requirement :
Will require database setup
Acceptance Criteria :
Backend Authentication:
Implement OAuth 2.0 for handling user authentication.
Use PyJWT to generate and manage JSON Web Tokens for authenticated sessions.
Database Setup:
Set up a MongoDB database using MongoEngine.
Ensure the database schema includes encrypted storage for user credentials.
Data Security:
Encrypt user credentials using AES encryption before storing them in the database.
Ensure that encrypted credentials are properly decrypted during the authentication process.
Error Handling:
Provide user-friendly error messages for incorrect login attempts.
Implement measures to prevent brute-force attacks.
Testing:
Perform unit tests and security tests to validate the login functionality across all specified platforms.
Due Date: July 16, 2024
Description : As a user, I want to securely log into the application using my credentials so that I can access personalized features and data. The login process should be secure, quick, and reliable, leveraging OAuth 2.0 for authentication and PyJWT for token management. The user credentials should be protected using AES encryption.
Requirement : Will require database setup
Acceptance Criteria :
Backend Authentication: Implement OAuth 2.0 for handling user authentication. Use PyJWT to generate and manage JSON Web Tokens for authenticated sessions.
Database Setup: Set up a MongoDB database using MongoEngine. Ensure the database schema includes encrypted storage for user credentials.
Data Security: Encrypt user credentials using AES encryption before storing them in the database. Ensure that encrypted credentials are properly decrypted during the authentication process.
Error Handling: Provide user-friendly error messages for incorrect login attempts. Implement measures to prevent brute-force attacks.
Testing: Perform unit tests and security tests to validate the login functionality across all specified platforms.