Skip to content
Snippets Groups Projects

feat: added login to people

Merged feat: added login to people
login into master
Merged GUVEN Kemal requested to merge login into master

Created by: Nabilsenko

Test using the endpoint: POST/login Example of JSON object { "email" : "nabil", "passwordHash" : "gGmvD.U1!" } The returned token must be stored somewhere in the front. It must be sent in the bearer of each request (for now, only in GET/people & GET/people/{id}).

Merge request reports

Loading
Loading

Activity

Filter activity
  • Approvals
  • Assignees & reviewers
  • Comments (from bots)
  • Comments (from users)
  • Commits & branches
  • Edits
  • Labels
  • Lock status
  • Mentions
  • Merge request status
  • Tracking
  • GUVEN Kemal
    GUVEN Kemal @guven3u ·
    Author Owner

    Created by: hihubbIe

    Review: Changes requested

    • src/people/people.controller.ts: either replace interface by struct in @Post or declare interface in /shared folder (see master branch)
    • src/config.index.ts: don't change imports, create a local config.json file and copy content of template inside.

    Shouldn't calling the login endpoint return a token ?

    • password should be hashed server side
    • login should be a controller of its own (e.g. /auth)
    • should return a token, not a person, this is done using GET on /people/:id once authentificated
    • token is passed client side as the Authorization header, so server has to authentificate API calls with that header, and check if user's role allows them to perform action as well
  • GUVEN Kemal
    GUVEN Kemal @guven3u ·
    Author Owner

    Created by: hihubbIe

    Review: Approved

    For next sprint, stop using config.template and don't send hash, that's not safe

  • GUVEN Kemal
    GUVEN Kemal @guven3u ·
    Author Owner

    Created by: DenisDao57

    Review: Approved

  • GUVEN Kemal
    GUVEN Kemal @guven3u ·
    Author Owner

    Merged by: DenisDao57 at 2022-12-16 18:40:50 UTC

Please register or sign in to reply