Skip to content

Protected routing | BE #139

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
6 tasks
v0ldemar01 opened this issue Jun 11, 2024 · 0 comments
Open
6 tasks

Protected routing | BE #139

v0ldemar01 opened this issue Jun 11, 2024 · 0 comments
Labels
must-have ready-for-student

Comments

@v0ldemar01
Copy link
Collaborator

v0ldemar01 commented Jun 11, 2024
edited
Loading

User story:
As a unauthorized user, I should not have access to secured resources that require valid authentication credentials

Acceptance criteria:

  • An authorization plugin for route protection should be integrated into the application’s routing system.

  • When a user attempts to access a protected route, then the authorization plugin should verify the user’s authentication status and access rights.

  • The authorization plugin should inject the user’s signed identity into the request.

  • It should implement the white-listing feature in the authorization plugin.

  • White-listed routes should be accessible to all users, regardless of authentication status.

  • When a request is made without proper authorization, then the application should respond with “401 Unauthorized” error status code and You do not have the necessary authorization to access this resource. Please log in.”
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
must-have ready-for-student
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@v0ldemar01