Change authentication/authorization to JWT #14

Closed
opened 2019-06-10 21:52:15 +00:00 by danieljsummers · 1 comment
danieljsummers commented 2019-06-10 21:52:15 +00:00 (Migrated from github.com)

The current authentication scheme in PrayerTracker uses ASP.NET Core authentication with cookies to determine the user's current privileges. Migrate this scheme to utilize JSON Web Tokens (JWTs), This will require:

  • Ensuring that the authentication and authorization (A&A) code that determines the "current small group" uses a claim obtained from a validated JWT for each request
  • Ensuring that the A&A code that determines the "current user" uses a claim from a validated JWT for each request
  • Ensuring that the JWT can be obtained from both the Authorization: Bearer and session cookie schemes

This will be targeted for the 7.4 release.

The current authentication scheme in PrayerTracker uses ASP.NET Core authentication with cookies to determine the user's current privileges. Migrate this scheme to utilize JSON Web Tokens (JWTs), This will require: - Ensuring that the authentication and authorization (A&A) code that determines the "current small group" uses a claim obtained from a validated JWT for each request - Ensuring that the A&A code that determines the "current user" uses a claim from a validated JWT for each request - Ensuring that the JWT can be obtained from both the `Authorization: Bearer` and session cookie schemes This will be targeted for the 7.4 release.
danieljsummers commented 2022-07-13 23:34:03 +00:00 (Migrated from github.com)

This will not be needed with an htmx implementation

This will not be needed with an htmx implementation
Sign in to join this conversation.
No Milestone
No project
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: bit-badger/PrayerTracker#14
No description provided.