marinanekrassova
commented
7 years ago For demo version, I decided to leave current implementation via basic authentication as it is. As all the requests to REST server are done over HTTPS, the password (Dropbox token) is protected in transit between client and server. Moreover, current scheme doesn't increase the risk of stealing password, because in any case it should be stored on the client (in order to communicate with Dropbox).
As a Smartsafe user, I want to be able to log in to the system in order to use the service.
Acceptance criteria: