Get rid of the browser local storage for important info (user orgId, role, etc.)

ecrin-github / rms-portal-new

RMS Portal with Python backend

MIT License

0 stars 0 forks source link

Get rid of the browser local storage for important info (user orgId, role, etc.) #32

Closed cudillal closed 5 months ago

cudillal commented 7 months ago

The browser's local storage is used to store sensitive info such as a user's orgId or role. This should be changed as this can be easily modified to gain unauthorized permissions in the app.

cudillal commented 6 months ago

This also fixed login page appearing for 1-2 seconds after logging in, before redirecting to internal main page

sergiocontrino commented 6 months ago

i added issues #34 to #37 after starting testing for this. all seems not connected to the fix.

sergiocontrino commented 5 months ago

all seems fine, some bits of code need to be deleted at some point (either commented out now or unused at the moment).