idurar/idurar-erp-crm

User Authentication process

Open

#457 opened on Sep 6, 2023

View on GitHub
 (14 comments) (0 reactions) (1 assignee)JavaScript (4,308 stars) (1,036 forks)batch import
good first issue🔧 Backend

Description

The objective of this feature is to enhance the existing user authentication process in our application. This includes implementing user registration, login, and logout functionalities with a primary focus on the backend. Additionally, we aim to incorporate user role-based permissions and ensure the seamless sharing of context with the controller.

Tasks:

  1. User Registration: Create registration API endpoints. Implement validation for user registration data. Store user registration data securely in the database. (As default, the first user registration role will be as admin)

  2. User Login: Develop login API endpoints. Implement user authentication during login. Generate and manage user sessions.

  3. User Logout: Create a logout API endpoint. Ensure proper session termination and security measures. Role-based Permissions:

  4. Define user roles: Implement role-based authorization logic. Restrict access to certain functionalities based on user roles. roles: ["admin", "staff"]

  5. Sharing Context with Controller Design an effective mechanism for sharing user context with the controller. Ensure that the controller can access relevant user data as needed.

Contributor guide

Tech stack
javascriptnodejsexpressreactmongodbrest api
Domain
backendapiauthenticationauthorization
Issue type
feature
DifficultyEstimated implementation difficulty for a new contributor, from 1 for very small changes to 5 for expert-level work.
3
Estimated timeA rough time range for an experienced contributor to investigate, implement, test, and prepare a pull request.
3-5 days
Activity statusHow available the issue appears right now: fresh, active, stale, blocked, or waiting on maintainer input.
blocked
ClarityHow clearly the issue explains the expected change, acceptance criteria, and next step.
clear
Prerequisites
JavaScriptNode.jsExpressMongoDB
Newbie friendlinessA 1-100 score estimating how approachable this issue is for first-time contributors.
45
Research direction
The issue outlines five tasks for implementing user authentication: registration, login, logout, role based permissions, and sharing context with the controller. The repository uses a MERN stack (Node.js, Express, React, MongoDB). Since there is an assignee, check if any work has been started in a branch. Review existing authentication middleware and controllers in the server directory. The issue mentions default role 'admin' for first user and roles 'admin' and 'staff'.