Skip to content

Protected routing | BE #139

Open
Open
@v0ldemar01

Description

@v0ldemar01

User story:
As a unauthorized user, I should not have access to secured resources that require valid authentication credentials

Acceptance criteria:

  • An authorization plugin for route protection should be integrated into the application’s routing system.

  • When a user attempts to access a protected route, then the authorization plugin should verify the user’s authentication status and access rights.

  • The authorization plugin should inject the user’s signed identity into the request.

  • It should implement the white-listing feature in the authorization plugin.

  • White-listed routes should be accessible to all users, regardless of authentication status.

  • When a request is made without proper authorization, then the application should respond with “401 Unauthorized” error status code and You do not have the necessary authorization to access this resource. Please log in.”

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions