Code Review #10
Open
Code Review #10
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…isolation and efficiency Migrated the complete build pipeline of our monorepo to Docker containers, leveraging multi-stage builds for optimized performance. This shift ensures full isolation from the local environment, enhancing consistency and scalability.
Authentication mechanism for efficient user verification. This update includes token generation, validation, and automated handling of token expiry and refresh scenarios.
Refactor Dto and add error message for incorrect request Delete unnecessary filter chain in AuthTokenFilter Delete unused TokenDto
Implement Backend with JWT Authentication
Add a AES encryption and decryption module including controller, service, and repository layers. This module provides functionalities to securely encrypt and decrypt messages using AES algorithm
- browser behavior realize me what filterChain really do - exceptionHandling cause that browser client get 401 on bad auth instead of 200
BREAKING CHANGE: Issue with Handling Multiple Clients Using a Single Account: storage token
fixed unexcepted behavior in browser
refactor(MessageController): Add response entity
- added hook for auth - login/register page - simple router logic - error page
…error handling via toasts
Feature/login page
- Added registration, login, and logout functionality for improved user experience. - Updated dashboard with a backend-connected table and hover cards for extended text. - Improved error handling for smoother user interactions across authentication and dashboard usage. - encryption and decryption logic
feat(frontend): Enhance auth flow, dashboard, and error handling
Full Stack
Added max 140 char length because of encryption
Full Stack
wybran
reviewed
Apr 4, 2024
| } | ||
|
|
||
| @NotBlank(message = "The email is required.") | ||
| @Pattern(regexp = "^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}$", message = "Invalid email address.") |
There was a problem hiding this comment.
wszystkie regexy do stałych w osobnej klasie
wybran
reviewed
Apr 4, 2024
| import lombok.*; | ||
|
|
||
| @EqualsAndHashCode(callSuper = true) | ||
| @Data |
There was a problem hiding this comment.
|
|
||
| authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(user.getUsername(), request.getPassword())); | ||
| //@TODO only one user can be logged in at the same time | ||
| revokeAndDeleteAllUserTokens(user); |
There was a problem hiding this comment.
jeśli przy logowaniu/rejestracji usuwam/bądź unieważniam tokeny dostępne w bazie danego użytkownika to koliduje.
Tu chodzi o to, że jeden użytkownik nie może być zalogowany np. na 2 urządzeniach
There was a problem hiding this comment.
Tokenów JWT lepiej nie trzymać w bazie bo szybko sie zawali, można trzymać w pamięci i co restart backendu tworzyć nowy JWT secret.
There was a problem hiding this comment.
początkowo chciałem usuwać co logowanie ale pojawił się problem 2 sesji jednego użytkownika czego nie przewidziałem. Co do JWT secret to racja. Nie jestem przekonany co do trzymania tokenów w ramie to też szybko można zawalić
Comment on lines
+14
to
+44
| const router = createBrowserRouter([ | ||
| { | ||
| path: "/", | ||
| element: <Navigate to="/login" replace/>, | ||
| }, | ||
| { | ||
| path: "/login", | ||
| element: ( | ||
| <> | ||
| <LoginPage/> | ||
| <Toaster/> | ||
| </> | ||
| ) | ||
| }, | ||
| { | ||
| path: "/dashboard", | ||
| element: ( | ||
| <RequireAuth> | ||
| <Dashboard/> | ||
| <Toaster/> | ||
| <div className="absolute left-5 top-5"> | ||
| <Logout/> | ||
| </div> | ||
| </RequireAuth> | ||
| ), | ||
| }, | ||
| { | ||
| path: "*", | ||
| element: <PageNotFound/>, | ||
| }, | ||
| ]); |
| const {toast} = useToast(); | ||
| const [dialogOpen, setDialogOpen] = useState(false); | ||
|
|
||
| const onSubmit: SubmitHandler<EncryptRequest> = async (data) => { |
There was a problem hiding this comment.
zapytania do api do osobnych hooków, najlepiej z react query
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.