Add login (sign-in), logout, and sign-up to the application, secure API calls, route guards using Vue Router, etc.
A clear and concise description of todo items.
What does login provide? Dataset upload via form (dataset can be made public or kept private/for user only), dataset management (e.g. tag dataset from Browse view, create "carts" or profiles, share dataset (public or private) via links, access to restricted vs. public data), ...
Do we need full role-based authorization, e.g. admin for project creation? Currently this is done via the Flask CLI, and maybe this is enough...
How? e.g. Cookie-based/JWT authentication (Flask -> Axios), there is also Pinia, a state management library that could be used for that (we may need it anyway to track a user session...), and other authentication-as-a-service solutions, e.g. open source alternatives to Auth0.
Notes/questions.
I think the current setup with all routes going to / may not work when adding "secure routes". Besides, this does not currently allow one to "go back/go forward", as it always returns to home/index.
Do we need to add database tables to record user information?
Maybe we should first decide where our account database should live. The following options come to mind: an LDAP server (including AD, e.g. the AG Dieterich LDAP server), an external OAuth2 provider (e.g. GitHub), the local database.
JWT allows a stateless server. That is nice, but only helps if we don't need state on the server for other reasons. E.g. in Medex we decided to have per-session server-side cached data in the database.