idurar / idurar-erp-crm

Free Open Source ERP CRM Accounting Invoicing Software | Node Js React
https://cloud.idurarapp.com
GNU Affero General Public License v3.0

User Authentication process #457

Open Ando22 opened 1 year ago

Ando22 commented 1 year ago

The objective of this feature is to enhance the existing user authentication process in our application. This includes implementing user registration, login, and logout functionalities with a primary focus on the backend. Additionally, we aim to incorporate user role-based permissions and ensure the seamless sharing of context with the controller.

Tasks:

  1. User Registration: Create registration API endpoints. Implement validation for user registration data. Store user registration data securely in the database. (By default, the first user registration role will be admin.)

  2. User Login: Develop login API endpoints. Implement user authentication during login. Generate and manage user sessions.

  3. User Logout: Create a logout API endpoint. Ensure proper session termination and security measures.

  4. Role-based Permissions: Define user roles. Implement role-based authorization logic. Restrict access to certain functionalities based on user roles. roles: ["admin", "staff"]

  5. Sharing Context with Controller: Design an effective mechanism for sharing user context with the controller. Ensure that the controller can access relevant user data as needed.

ShatilKhan commented 1 year ago

I'd like to work on this; can you assign me, please? I'd like to know some additional info on this too.

Emyboy commented 1 year ago

I am interested in working on this as well.

sahith29s commented 1 year ago

I want to work on this; can you assign me, please?

Sathyam1020 commented 1 year ago

Can you provide more info on this?

parteekcoder commented 1 year ago

@Ando22 @salahlalami There are some questions; can you please provide context about them so that I can start with the implementation:

parteekcoder commented 1 year ago

@salahlalami @Ando22 Can you please provide more context about this?

Ando22 commented 1 year ago

@Ando22 @salahlalami There are some questions; can you please provide context about them so that I can start with the implementation:

  • Do we have only 2 roles, admin and staff?
  • Can a user create custom roles of his choice?
  • Can an admin also create a user with role admin?
  • Is the set of permissions allowed in the staff role fixed, or can admin edit that?

  1. Yes, there are only 2 roles initially.
  2. In future yes, but right now, every time an admin creates a user, the role will be assigned as staff by default. (We will create a new issue for handling RBAC.) Creating roles should be for admin.
  3. Yes, admin can create admin.
  4. Yes, it should be fixed as an initial feature.
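
The requirements settled so far in this thread (first registered user becomes admin, admin-created users default to staff, admins may create admins, fixed roles `["admin", "staff"]`, server-side logout, user context handed to the controller), shown as an added example that is not code from the idurar project or from any participant. The names `register`, `login`, `logout` and `withRole`, the in-memory Maps, and the rule that only an admin can create users after the first registration are assumptions.

```javascript
// Added illustration, not idurar code: Maps stand in for the database and session store.
const crypto = require("node:crypto");

const ROLES = ["admin", "staff"];   // the two initial roles from the issue
const users = new Map();            // email -> { email, role, salt, hash }
const sessions = new Map();         // session token -> email

const hashPassword = (password, salt) => crypto.scryptSync(password, salt, 32);

// `actor` is the authenticated caller, or null for an unauthenticated request.
// The role is decided server-side; a requested role counts only when an admin asks.
function register(actor, { email, password, role }) {
  if (typeof email !== "string" || !/^[^@\s]+@[^@\s]+$/.test(email)) throw new Error("invalid email");
  if (typeof password !== "string" || password.length < 8) throw new Error("weak password");
  if (users.has(email)) throw new Error("email taken");
  let assigned;
  if (users.size === 0) assigned = "admin";            // bootstrap: first user is admin
  else if (actor?.role !== "admin") throw new Error("forbidden"); // assumption: no open sign-up afterwards
  else assigned = role ?? "staff";                     // admin-created users default to staff
  if (!ROLES.includes(assigned)) throw new Error("unknown role");
  const salt = crypto.randomBytes(16);
  users.set(email, { email, role: assigned, salt, hash: hashPassword(password, salt) });
  return { email, role: assigned };
}

function login(email, password) {
  const user = users.get(email);
  // Hash even for unknown emails so timing does not reveal which accounts exist.
  const salt = user ? user.salt : Buffer.alloc(16);
  const candidate = hashPassword(String(password), salt);
  if (!user || !crypto.timingSafeEqual(candidate, user.hash)) throw new Error("invalid credentials");
  const token = crypto.randomBytes(32).toString("hex");
  sessions.set(token, email);
  return token;
}

const logout = (token) => sessions.delete(token);      // server-side session termination

// Resolve the session into a user context, check the role, then pass the context to the controller.
function withRole(allowed, controller) {
  return (token, ...args) => {
    const user = users.get(sessions.get(token));
    if (!user) throw new Error("unauthenticated");
    if (!allowed.includes(user.role)) throw new Error("forbidden");
    return controller({ email: user.email, role: user.role }, ...args);
  };
}
```

Because the first-user rule grants admin to whoever registers first, the bootstrap registration should happen before the deployment is reachable by anyone else.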

parteekcoder commented 1 year ago

Thanks, @Ando22, for providing this information. So it means the number of roles and permissions assigned to roles should be dynamic (which means they can be changed by the user).

sarath1326 commented 7 months ago

I want to contribute to this issue. Is this problem solved now?

niket-malviya commented 7 months ago

I also need to contribute to the following issue; can you provide more details?

niket-malviya commented 6 months ago

You haven't provided any update about the problem. Can you please inform whether the issue is still on or not?

dakshmehta007 commented 3 weeks ago

@Ando22 Can you please tell the status of this issue?