Central Authorization tool banner

Central Authorization tool

Created by: Jabber
6 devlogs
34h 3m 1s

Updated Project: Updated security, auth_tokens (server sided generation) now have to be given on any request and the server checks if you have permissions (with hierarchy if applicable) for any request. Also added a lot of documentation so everyth…

Updated Project: Updated security, auth_tokens (server sided generation) now have to be given on any request and the server checks if you have permissions (with hierarchy if applicable) for any request. Also added a lot of documentation so everything should be straightforwardish to use.

I am creating a central authorization tool to handle authentication through a central location so I will not have to for other projects (work cross origin). It has also been my passion project for the past year or so.
My project (as I have previously shown) is visible at: https://summer.hackclub.com/projects/11269

Frontend is visible at https://public-tests.vercel.app/,
Username is ‘DemoUser101’, Password is ‘DemoPassword’, db_id is ‘SHl1ZToxQX0’

This project uses AI

Chatgpt 4.0 was used in the transition to a module approach. I do feel that I by now have worked over this enough but it is here as a notice anyway.
Chatgpt was also used for creating documentation. It has all been proofread but there may still be some mistakes in the documentation. Please make a report if applicable.

The frontend was made using AI, I have only made the backend, the frontend is almost fully AI. This project was about making the backend, not the frontend so please judge based on the API not the visuals (I know they are not great) Deducting points for me making use of an AI frontend is fine.

Demo Repository

README

Loading README...
Jabber
Jabber shipped Central Authorization tool
about 1 month ago

Shipped this project!

Hours: 34.05
Cookies: 🍪 103
Multiplier: 3.02 cookies/hr

I built a tool which makes it possible to authenticate centrally but still keep it seperated to a degree. It was challanging making hierarchy but I eventually managed it by making it a JSON object (in the db). Which isn’t the nicest but it works. So I would say: “If it ain’t broken, don’t fix it.” I am still planning to add some stuff but that is for compatibility with my other projects, so as far as I am concerned. This is the finished product!

Jabber
Jabber worked on Central Authorization tool
about 1 month ago
0h 14m logged

Fixed the issue found in my last devlog, it was a simple issue concerning wrong setup of the .env on my part. Also created 2 new pages in the wiki, the setup pages for both the frontend and the backend.

0
Jabber
Jabber worked on Central Authorization tool
about 1 month ago
1h 29m logged

Wrote a wiki, got progress of that deleted multiple times so eventually decided to use copilot bc I got too annoyed. Also fixed some bugs with the backend server I was working with so the demo is online again. While making the video, near the end, yall saw me discovering a bug. I will try to look into it but this is what I have for now and I do not know if I will be able to fix it.

0
Jabber
Jabber worked on Central Authorization tool
about 2 months ago
7h 34m logged

I finished writing the docfiles. I have used AI tab complete for it (so not reasoning models but the built in tab complete AI) as I was too lazy to write everything myself, I have however read over everything and changed wrong information. I have spoken with some other people which said it was too long (as the AI usually does) so I reworked them to be smaller or one line docfiles depending on the code so the docfile would be shorter to read than to decode the code. I have also fixed some small issues/overlooks in my original code, like not using the softlockchecker for deleting an user and not having superadmins (people that do not have to follow hierarchy and location rules).

Please note, it did not take me 7 hours to do this, but somehow some of my progress was wiped meaning I have done some work double. both registry_resource.py and user_resource.py got reverted or wiped completely. I am a little bit pissed this happened and if this is shipped I do not mind ~5-8 hours being removed from my time I worked on this as this bs aint necisary and is taking way too damn long.

0
Jabber
Jabber worked on Central Authorization tool
2 months ago
5h 32m logged

I have finished testing part 2 of the security update (added hierarch)
Currently working on docstrings so it becomes a little more readable in the future when I want to add some more stuff/ make some little changes. Currently also doing this as I do not know what could be nice for my project to have as QoL or some security features that would be handy. After being done with the docstrings and the wiki I think this project is basically done, not sure though, depends on security flaws/QoL/features that are handy/wanted for the project. Wanted would be me lol, nobody gonna see my project anyways, but still

0
Jabber
Jabber worked on Central Authorization tool
2 months ago
9h 50m logged

So, I created hierarchy but I am still testing if it fully works and implementing it for certain parts. It should work but debugging has taken up a lot of time so it probably still has some flaws. (Bc every fix ofc brings in more bugs than it fixes lol)

0
Jabber
Jabber worked on Central Authorization tool
3 months ago
9h 21m logged

I have worked on security. Right now (latest release) an auth token needs be sent with every request (token must be sent in the headers; exception to the rule is creating an auth token). And I am still working on part 2 of the update. I already have “validate_actions()” (unimplemented) which will validate if someone is allowed to do that specific thing and to whom (to whom for post requests). But that will all be covered next update/devlog.
The video had to be compressed to fit. Video quality may thus be below expectation.

0