-
Notifications
You must be signed in to change notification settings - Fork 24
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
✨ Frontend: Implement JWE-based Authentication with RTK Query #198
Comments
Hi, this looks like an interesting issue. I see from the backend dir that the auth apis are ready. I can take this. Where are you looking at storing the jwe tokens? I see the current implentation is using localStorage |
hey @d-a-ve , |
For the tokens, it can be implemented using cookies on the backend side so the frontend never handles the tokens. Any error that it receives, it just displays it to the user. We can also add that depending on the type of error we can do a silent token refresh among other things. The APIs will send back the tokens once it's hit right? P.S: I am talking about the web side of things, I saw after my initial comment that there's an android app |
@d-a-ve, I think using Local Storage should work fine for now, and later on, I’m planning to add an extra layer with WebSockets to improve identity protection. If you're up for it, feel free to start working on the authentication process. I’ll aim to have a staging site up by Wednesday so we can showcase where the project is at. |
@samiurprapon okay. That's fine. What I am supposed to work on is the frontend implementation only or work o the backend code too? I cannot write backend code as I am a frontend dev right now. |
@d-a-ve, you can go ahead and start with the frontend side. I’ll take care of the necessary APIs for your end. For now, you can structure the RTK query and everything using mock APIs. Once you’ve had a chance to dive in and if you're able to spend more time on this, I’d be happy to guide you through the backend implementation of Aether. Let me know what you think! |
@samiurprapon that's great, it sounds fine by me. You can assign it to me. I will think deeply about what's needed and go through the documentation too. |
✨ Feature Request Overview
Implement authentication functionalities using JWE-based tokens, which differ from traditional JWT. It would be preferable to utilize RTK Query for this implementation.
🔍 Background Context
To enhance our application's security, we need a robust authentication mechanism. JWE (JSON Web Encryption) provides an added layer of security by encrypting the token payload, crucial for protecting sensitive information. This feature should support both access and refresh tokens for effective user session management.
📂 Scope
🎨 Design & Mockup
💡 Implementation Details
📘 Relevant Resources
🛠️ Expected Outcome
Expected Result:
A secure authentication system using JWE-based access and refresh tokens, integrated with RTK Query for seamless data fetching and management.
📝 Additional Information
The text was updated successfully, but these errors were encountered: