Add optional auth components to register, login, logout and forgot password

[hfournier]

Almost everyone using WebTS will have to code auth components to allow users to register, login, logout and reset their password. Why not generate that code following best practices? It would be a big time saver and promote best practices re security and passwords, etc.

[crutkas]

AAD support via MSAL work for you? openid connect?

[hfournier]

Good options, yes. But, I'd also like a self-contained option with everything in my own DB (e.g. MongoDB) with salted password, local storage and JWT.

And have the front-end code (e.g. Angular) generated, so that after running WebTS, you have a fully functioning app, where users can register, login, logoff and reset their forgotten password.

In an ideal world... :)

[SahilTara]

This honestly sounds great to implement locally first. Would you want the login page to lock access to all other routes or?

Suppose you were to pick the pages "Blank", "List", "Auth" and "Master Detail".

(Note "Auth" is just a hypothetical page name)

Would you want it to lock access to "Blank", "List", and "Master Detail"?

Or would you want to leave it as is and possibly provide a snippit on how to lock routes via the read me?

[hfournier]

Ideally, I think it would be good to have any page that allows add/edit/delete locked, or at least have an "Admin" (or "Auth") page to serve as an example. So, if you're not authenticated, or you don't have the required role, you could see a "List" or "Master/Detail", but not add/edit/delete it.

[SahilTara]

@xtinah-w @jsondoo I would love to work on this. Also think for the actual issue we should split this one up into more manageable pieces. Let me know if anyone else is wanting to work on this though, or if you're on a deadline to finish this before august, since this was the first thing I wanted to do right when I got out of school again (August 1st). Once @xtinah-w has a design for the pages I could implement this fairly quickly 😄.