Changeset bf146db

Timestamp:
12/30/24 03:55:17 (13 months ago)
Author:
Vasilaki Tocili <vasilakigorgi@…>
Branches:
nextjs, prototype
Children:
b8fed5c
Parents:
70aba49
Message:

Refined the user experience and added new features

In auth.py and database.py:

  • Removed the dotenv dependency and its usage as environment variables for security since this application is a prototype, is run locally and doesn't need any security for now

In main.py:

  • Enhanced the method get_current_user minimally
  • Added email address to the access_token alongside the user_id
  • When creating an account, now also the user is passed with its attribute user_id

In cli_app.py:

  • Added jwt as dependency, and imported the method decode_access_token from auth.py
  • Introduced access_token as a global variable
  • Made Main Menu show up at the start of the program and also after log out from account so that application runs all the time
  • Instead of directly going to user menu after a successful login, now there is a method handle_menu_after_login() that decides in which menu it will go next, whether user or admin menu
  • There was a bug with login, where instead of making a POST query, I made it do a GET query so the login didn't work, fixed it
  • After a successful login, now the access token is written too
  • Implemented the method handle_menu_after_login(), where first it gets the access token, then it decodes the access token using the method decode_access_token() from auth.py. It extracts the user_id and email from the decoded payload, validates that there is a result and checks with the email if the user is in the list of admins, if yes, then the admin menu is shown, and if not, the user menu instead. If there was some kind of error or exception, it is caught because this whole process is in a try-catch block
  • If the admin menu is left via the log out function, the access token is reset
  • The headers are passed to the method admin_view_all_accounts(), because the backend still needs the Authorization header to validate the user's role and permissions
  • Removed the parameter token from the user_menu() method, and am performing a resetting of the access_token when performing logging out
(No files)
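
The menu routing that the commit message describes for handle_menu_after_login(), as an added example that is not code from this changeset. It assumes HS256 tokens and uses only the standard library instead of the jwt package; SECRET, ADMIN_EMAILS, make_token() and the returned menu names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import json
import time

SECRET = b"constructed-demo-secret"       # assumption: HS256 shared secret
ADMIN_EMAILS = {"admin@example.com"}      # constructed admin list


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64url(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_token(payload: dict, alg: str = "HS256", key: bytes = SECRET) -> str:
    """Build a sample token (stands in for the backend's login response)."""
    head = _b64url(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    body = _b64url(json.dumps(payload).encode())
    sig = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{_b64url(sig)}"


def decode_access_token(token: str, now=None):
    """Return the payload only if algorithm, signature and expiry all check out."""
    try:
        head, body, sig = token.split(".")
        if json.loads(_unb64url(head)).get("alg") != "HS256":
            return None                   # rejects "none" and unexpected algorithms
        expected = hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _unb64url(sig)):
            return None                   # payload or signature was altered
        payload = json.loads(_unb64url(body))
        if payload.get("exp", 0) <= (now if now is not None else time.time()):
            return None                   # missing or expired "exp" claim
        return payload
    except (ValueError, TypeError, AttributeError):
        return None                       # malformed token of any kind


def handle_menu_after_login(token, now=None) -> str:
    """Pick the next menu; any token failure falls back to the main menu."""
    payload = decode_access_token(token or "", now)
    if not payload or not payload.get("user_id") or not payload.get("email"):
        return "main"
    return "admin" if payload["email"] in ADMIN_EMAILS else "user"
```

The returned menu name only decides what the CLI displays; as the message notes for admin_view_all_accounts(), the backend still checks the Authorization header for role and permissions.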