Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Refine the Auth0 login process #1231

Closed
10 of 13 tasks
Tracked by #1205
AvocadoMoon opened this issue Apr 29, 2024 · 1 comment · May be fixed by #1250
Closed
10 of 13 tasks
Tracked by #1205

Refine the Auth0 login process #1231

AvocadoMoon opened this issue Apr 29, 2024 · 1 comment · May be fixed by #1250
Assignees

Comments

@AvocadoMoon
Copy link
Contributor

AvocadoMoon commented Apr 29, 2024

The new authentication method has been implemented within the Java client application, but it's rough around the edges.

  • Remove legacy login GUI and place it within the Web (need it on the web anyways, so why not only on the web)
  • There is no formal flow and GUI if you've forgotten your old VCell password
    • Bring over lost password endpoint to the new API
  • The legacy authentication code that is dead is still within the code base
  • Browser tabs that open but never close when performing authentication
  • Opt out of login (currently seems like you need to login to utilize VCell. There is an offline mode available)
    • Don't want to surprise them with a browser, give some GUI that tells them
  • New users
    • Prompted with webapp to create VCell user
    • Automatically create VCell user from email
  • Social Login
  • Authentication and refresh token stored in JSON locally
    • There's plenty of pro's and con's with this security, clients aren't fully trusted
@jcschaff
Copy link
Member

@AvocadoMoon can we close this one?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
Status: Done
Development

Successfully merging a pull request may close this issue.

2 participants