cloudoperators / heureka

Security and compliance management
Apache License 2.0

feat(authN): Implement Token based Authentication #83

Open lolaapenna opened 1 month ago

drochow commented 1 month ago

To enable authentication to the API for scanners (technical users), please implement token-based authentication. The token should always be time-constrained and stored in the database as a salted SHA-384 hash.

drochow commented 1 month ago

The Token should be stored in a new Table / Entity that is referenced to the user. A user can have multiple active tokens.

For tokens we want a real deletion and not just a soft delete as on all other models.

Please implement all tests as well.
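Added example, not part of the thread and not the project's code: a Go sketch of the requirements in the two comments above (time-constrained tokens, salted SHA-384 storage, several tokens per user, real deletion). The names `tokenRow`, `store`, `Issue` and `Verify`, the `<id>.<secret>` token layout and the in-memory map standing in for the database table are all assumptions.

```go
package main

import (
	"crypto/rand"
	"crypto/sha512"
	"crypto/subtle"
	"fmt"
	"strings"
	"time"
)

type tokenRow struct { // hypothetical token-table row; the secret is never stored
	UserID    int64
	Salt      string
	Hash      [sha512.Size384]byte
	ExpiresAt time.Time
}
type store map[string]tokenRow // stand-in for the table, keyed by public token id

func randHex(n int) string {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err) // no secure randomness: refuse to issue
	}
	return fmt.Sprintf("%x", b)
}

func (s store) Issue(userID int64, ttl time.Duration, now time.Time) string {
	id, secret, salt := randHex(8), randHex(32), randHex(16)
	s[id] = tokenRow{userID, salt, sha512.Sum384([]byte(salt + secret)), now.Add(ttl)}
	return id + "." + secret // returned once; only salt and hash are kept
}

func (s store) Verify(token string, now time.Time) (int64, bool) {
	id, secret, _ := strings.Cut(token, ".")
	row := s[id] // unknown id gives the zero row, whose zero expiry fails below
	sum := sha512.Sum384([]byte(row.Salt + secret))
	if !now.Before(row.ExpiresAt) {
		delete(s, id) // real deletion of the expired row, not a soft delete
	} else if subtle.ConstantTimeCompare(sum[:], row.Hash[:]) == 1 {
		return row.UserID, true
	}
	return 0, false
}

func main() {
	s, now := store{}, time.Now()
	fmt.Println(s.Verify(s.Issue(7, time.Hour, now), now.Add(2*time.Hour)))
}
```

The public id half only selects the row; the comparison is constant-time over the SHA-384 digests, so a row dump reveals neither the secret nor a usable token.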

lolaapenna commented 1 week ago

We need to implement testing.

lolaapenna commented 2 days ago

Working on test refactoring now.