sven-mayer
commented
6 years ago @telion2 I used passport once and it worked out quite well. For me, it solved a lot of issues.
Open telion2 opened 6 years ago
sven-mayer
commented
6 years ago @telion2 I used passport once and it worked out quite well. For me, it solved a lot of issues.
As the writing Note feature is going to be finished soon and the analysing of Texts is going well, we should implement a profile for users where they can log into. This implies that we: 1.have a way for the user to login and register (UI) 2.store & retrieve authentification data in our DB 3.secure the password with encrypting methods.
generally secure the whole authenfication process
If all that is working, we need to lock the profile route and implement a way to delete stored documents of users who closed the website before registering.
is already availible although still quite ugly.
the DB has all the naiv columns need to store user data. Since I dont know our method of encryption yet, I dont know if there is more than that needed. 3.&4. This where I need help. I have looked around of how some people secure such data using third-party services. http://www.passportjs.org/ using https://auth0.com/docs/getting-started/overview or another of their 300 authentification strategies.
this would be solved by passport.js because it comes with a middleware that can lock routes.