Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
ℹ️ Issue
Closes #188
📝 Description
Backend Auth Flow
https://miro.com/app/board/uXjVGncnqBo=/?share_link_id=506205508201
Frontend:
When the frontend needs userType to do frontend-side role guard, it gets the userType cached from storage. If this doesn't exist it gets it from the frontend.
It clears out every time the user logs out.
Also, the frontend interacts directly with Cognito to do login, signin, signup, ect. It interacts with the backend when it needs additional backend data, and the backend knows the authenticity of the frontend through the JWT. The backend never accepts frontend UserType as trustworthy and always uses the JWT to pull the email directly from Cognito to then use to query database data to get the UserType.
✔️ Verification
Both Standard and Admin user login flows work.