
Authentication

Sign-In Screen: https://sc-ctsi-cri.atlassian.net/browse/RD-26

Role-based Access: https://sc-ctsi-cri.atlassian.net/browse/RD-25

Enable Authentication Flow: [RD-80] Enable authentication flow - JIRA (atlassian.net)

Role based access for Department Head: https://sc-ctsi-cri.atlassian.net/browse/RD-74

SESSION MANAGEMENT -

  • Currently, dummy credentials are used. This will be integrated with Shibboleth SSO later.

  • Sign-in screen → user enters credentials → the backend login API is called to verify the credentials → if the credentials are correct, cookies are stored in the response header → redirect to the accrual dashboard

  • middleware.ts → check that the session exists and the cookie is not expired, then redirect to the appropriate URL

  • Load cookies in getServerSideProps

Refer to the issues above for a detailed explanation.

NOTE: Authentication Flow has been disabled for beta launch
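
The session flow listed above (the login API sets the cookie, the middleware checks it on each request), as an added example that is not the project's code. The cookie name `session`, the routes `/sign-in` and `/accrual-dashboard`, the HMAC-signed cookie value and the `SECRET` key are assumptions; the logic is written as plain functions on Node's `crypto` module so it runs outside Next.js.

```typescript
// Added example, not project code. Assumed names: cookie "session", routes
// "/sign-in" and "/accrual-dashboard", signing key SECRET (constructed value).
// Uses Node's crypto module, so it assumes a Node.js runtime.
import { createHmac, timingSafeEqual } from "crypto";

const SECRET = "constructed-demo-key";
const sign = (data: string): string =>
  createHmac("sha256", SECRET).update(data).digest("hex");

// Login API side: build the Set-Cookie header once credentials are verified.
// The expiry is part of the signed value because the browser never sends
// Max-Age/Expires back, so the server cannot read them from the request.
function issueSessionCookie(user: string, nowMs: number, ttlSec: number): string {
  const payload = Buffer.from(JSON.stringify({ user, exp: nowMs + ttlSec * 1000 }))
    .toString("hex");
  return `session=${payload}.${sign(payload)}; Path=/; Max-Age=${ttlSec}; HttpOnly; Secure; SameSite=Lax`;
}

// Returns the user if the Cookie request header carries a valid, unexpired session.
function readSession(cookieHeader: string, nowMs: number): string | null {
  const pair = cookieHeader.split(";").map((c) => c.trim())
    .find((c) => c.startsWith("session="));
  if (!pair) return null;
  const [payload, mac] = pair.slice("session=".length).split(".");
  if (!payload || !mac) return null;
  const expected = Buffer.from(sign(payload));
  const given = Buffer.from(mac);
  // Constant-time comparison; a length mismatch is rejected before comparing.
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) return null;
  try {
    const { user, exp } = JSON.parse(Buffer.from(payload, "hex").toString());
    return typeof user === "string" && typeof exp === "number" && exp > nowMs ? user : null;
  } catch {
    return null;
  }
}

// Middleware decision: where to send a request for `path`, or null to let it through.
function redirectFor(path: string, cookieHeader: string, nowMs: number): string | null {
  const user = readSession(cookieHeader, nowMs);
  if (!user && path !== "/sign-in") return "/sign-in";
  if (user && path === "/sign-in") return "/accrual-dashboard";
  return null;
}
```

Because the cookie is issued with `HttpOnly`, only server-side code (middleware, `getServerSideProps`) can read it; client-side scripts cannot.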

Refer -

Building Your Application: Authentication | Next.js (nextjs.org)

Next.js App Router Authentication (Sessions, Cookies, JWTs)

Auth.js | Protecting (authjs.dev)

Client & server cookies - https://www.youtube.com/watch?v=w8n7Soz7khw

Cookie - server

Js-cookie - client 

How can I access cookie-session from client side?

To access a cookie on the client side, set httpOnly to false (the cookie is then readable by any JavaScript running on the page).
