The purpose of this pull request is to implement token-based RBAC via JWTs for instructors.
Initially, the only part of the issue is a login endpoint; however, most of the register endpoint is ready to be implemented. Functionality for tokens for anonymous users has also been created.
The JWT will always contain:
A userId in a claim called UserData, represented as an integer.
A role in a claim called Role, represented as a string.
An anonymous user will always have a userId of -1; unsure if there are problems regarding having multiple users with this userId. The expiration time of this token will be set to the amount of time the session is set to.
Considerations
There are some considerations to be made. The approach used here uses a users table in the database instead of an instructor class, as this seems to just be wasting some time, since this would have to be changed later anyway when creating users.
Testing:
Should Repositories be tested? They should only contain SQL calls.
Substitution / mocking requires an interface or an empty constructor.
Register endpoint?
Before merging
Based on these discussions, some changes are expected to be made both in SQL schemas, tests and application code.
Resolved Issue
Fixes #9 #13
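The token layout described above (a UserData integer, a Role string, an expiry equal to the session length, and userId -1 for anonymous users), shown as an added example that is not the pull request's code. It uses a hand-rolled HS256 token from the Python standard library instead of a JWT library; the role strings `Instructor` and `Anonymous`, the one-hour session, the key, and the rule that -1 may only pair with the anonymous role are assumptions of this example.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-key"   # constructed sample key, never hard-code a real one
SESSION_SECONDS = 3600             # assumed session length
ANONYMOUS_ID = -1                  # shared by every anonymous user, so it is not an identity

def b64e(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(signing_input: str) -> bytes:
    return hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest()

def issue_token(user_id, role, now=None, ttl=SESSION_SECONDS):
    now = int(time.time()) if now is None else now
    parts = [{"alg": "HS256", "typ": "JWT"}, {"UserData": user_id, "Role": role, "exp": now + ttl}]
    signing_input = ".".join(b64e(json.dumps(p).encode()) for p in parts)
    return signing_input + "." + b64e(sign(signing_input))

def verify_token(token, now=None):
    """Return the claims of a valid token, or raise ValueError."""
    now = int(time.time()) if now is None else now
    try:
        head, body, sig = token.split(".")
        header, claims = json.loads(b64d(head)), json.loads(b64d(body))
        given = b64d(sig)
        ok = isinstance(header, dict) and isinstance(claims, dict)
    except Exception as exc:
        raise ValueError("malformed token") from exc
    if not ok or header.get("alg") != "HS256":   # pin the algorithm, never trust the header
        raise ValueError("unexpected header")
    if not hmac.compare_digest(given, sign(f"{head}.{body}")):   # constant-time compare
        raise ValueError("bad signature")
    if not isinstance(claims.get("exp"), int) or claims["exp"] <= now:
        raise ValueError("expired")
    uid, role = claims.get("UserData"), claims.get("Role")
    if type(uid) is not int or not isinstance(role, str):
        raise ValueError("bad claim types")
    if (uid == ANONYMOUS_ID) != (role == "Anonymous"):   # assumed consistency rule
        raise ValueError("inconsistent userId and Role")
    return claims

def authorize(token, required_role, now=None):
    try:
        return verify_token(token, now)["Role"] == required_role
    except ValueError:
        return False
```

Authorization here is decided from the signed Role claim only, so any number of anonymous tokens carrying userId -1 are treated alike and none of them can pass an instructor check.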