Central Authorization tool - Flavortown

Updated Project: Updated security, auth_tokens (server sided generation) now have to be given on any request and the server checks if you have permissions (with hierarchy if applicable) for any request.

I am creating a central authorization too…

Updated Project: Updated security, auth_tokens (server sided generation) now have to be given on any request and the server checks if you have permissions (with hierarchy if applicable) for any request.

I am creating a central authorization tool to handle authentication through a central location so I will not have to for other projects (work cross origin). It has also been my passion project for the past year or so.
My project (as I have previously shown) is visible at: https://summer.hackclub.com/projects/11269

Frontend is visible at https://public-tests.vercel.app/,
Username is ‘Test-1.0’, Password is ‘Password125’
as I am using the free plan of Render.com, nothing is persistent, please take note of this when testing out my application.

This project uses AI

Chatgpt 4.0 was used in the transition to a module approach. I do feel that I by now have worked over this enough but it is here as a notice anyway.

Demo Repository

Jabber worked on Central Authorization tool

6 days ago

7h 34m logged

I finished writing the docfiles. I have used AI tab complete for it (so not reasoning models but the built in tab complete AI) as I was too lazy to write everything myself, I have however read over everything and changed wrong information. I have spoken with some other people which said it was too long (as the AI usually does) so I reworked them to be smaller or one line docfiles depending on the code so the docfile would be shorter to read than to decode the code. I have also fixed some small issues/overlooks in my original code, like not using the softlockchecker for deleting an user and not having superadmins (people that do not have to follow hierarchy and location rules).

Please note, it did not take me 7 hours to do this, but somehow some of my progress was wiped meaning I have done some work double. both registry_resource.py and user_resource.py got reverted or wiped completely. I am a little bit pissed this happened and if this is shipped I do not mind ~5-8 hours being removed from my time I worked on this as this bs aint necisary and is taking way too damn long.

0

0

Log in to leave a comment

Jabber worked on Central Authorization tool

19 days ago

5h 32m logged

I have finished testing part 2 of the security update (added hierarch)
Currently working on docstrings so it becomes a little more readable in the future when I want to add some more stuff/ make some little changes. Currently also doing this as I do not know what could be nice for my project to have as QoL or some security features that would be handy. After being done with the docstrings and the wiki I think this project is basically done, not sure though, depends on security flaws/QoL/features that are handy/wanted for the project. Wanted would be me lol, nobody gonna see my project anyways, but still

0

0

Log in to leave a comment

Jabber worked on Central Authorization tool

22 days ago

9h 50m logged

So, I created hierarchy but I am still testing if it fully works and implementing it for certain parts. It should work but debugging has taken up a lot of time so it probably still has some flaws. (Bc every fix ofc brings in more bugs than it fixes lol)

0

0

Log in to leave a comment

Jabber worked on Central Authorization tool

about 2 months ago

9h 21m logged

I have worked on security. Right now (latest release) an auth token needs be sent with every request (token must be sent in the headers; exception to the rule is creating an auth token). And I am still working on part 2 of the update. I already have “validate_actions()” (unimplemented) which will validate if someone is allowed to do that specific thing and to whom (to whom for post requests). But that will all be covered next update/devlog.
The video had to be compressed to fit. Video quality may thus be below expectation.

0

0

Log in to leave a comment