Skip to content

[FEATURE] Login and Logout using JWT and OAuth 2.0 #29

Closed
Closed
[FEATURE] Login and Logout using JWT and OAuth 2.0#29
Assignees
rishabhrawat05
Labels
enhancementNew feature or requestgssocGirlScript Summer Of Codegssoc-exthacktoberfesthacktoberfest-acceptedlevel3GirlScript Summer Of Code - 35 pointsstatus: ready for devYou can asked for this issue to be assigned (if not already assigned)
@ajaynegi45

Description

@ajaynegi45
ajaynegi45
opened on Sep 5, 2024

Is this feature already requested?

  • I have checked "open" and "closed" issues, and this is not a duplicate.

Feature Description

Description:

Implement secure login and logout functionality using JWT and OAuth 2.0 in our library management system. The feature should ensure proper role-based access control (RBAC) for different user roles (ADMIN, LIBRARIAN, USER).

The frontend is built using React, so the solution must be compatible with the existing codebase. frontend Security issue

Fork security branch

Requirements:

  1. Authentication Mechanism:

    • Implement JWT-based authentication for handling login and logout.
    • Integrate OAuth 2.0 to allow users to authenticate through third-party providers.

  2. Role-Based Access Control (RBAC):

    • Implement role checking to restrict access to certain functionalities based on the user's role.
    • Example: Only admins should have access add LIBRARIAN and many more

  3. Frontend Integration (React):

    • Ensure that the login and logout functionality integrates seamlessly with the existing React frontend.
    • The frontend should be able to securely store the JWT token and manage user sessions.

  4. Security Considerations:

    • Implement token expiration and refresh logic for maintaining secure sessions.
    • Ensure logout functionality invalidates the JWT token on both the client and server.
    • Protect sensitive routes by ensuring only authenticated users with the proper roles can access them.

  5. API Endpoints:

    • Define the necessary API endpoints for login and logout in the backend (Spring Boot).
    • Ensure the endpoints return appropriate HTTP status codes and messages.

Metadata

Metadata

Assignees

Labels

enhancementNew feature or requestgssocGirlScript Summer Of Codegssoc-exthacktoberfesthacktoberfest-acceptedlevel3GirlScript Summer Of Code - 35 pointsstatus: ready for devYou can asked for this issue to be assigned (if not already assigned)

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions