Implement User Authentication and Authorization using Microsoft Identity, ensuring secure login, logout, and role-based access control specific to Razor Pages with SQLite as the database. This will leverage HTMX for interactive front-end behavior and Bootstrap for styling, adhering to secure practices.
Motivation
Secure and structured authentication and authorization are essential to protect user data and ensure that only authorized users access particular functionalities, preserving the application’s integrity.
Proposed Solution
Microsoft Identity Integration: Use Microsoft’s Core Identity package for managing users, roles, and claims, aligning with the ASP.NET ecosystem.
Password Security: Ensure password encryption through Microsoft Identity’s default secure hashing (bcrypt) and storage mechanisms.
Role-Based Access Control: Set up role-based access to distinguish functionalities between regular users and admins, managed within Identity.
Session Management and CSRF Protection: Enable secure session management, anti-forgery tokens, and other protections provided by ASP.NET Core Identity to mitigate risks.
Data Privacy Compliance: Integrate user data management options compliant with GDPR and CCPA, allowing users to manage their information securely.
SQLite Configuration: Configure Identity to store user credentials and roles in an SQLite database, suitable for lightweight applications and development environments.
Acceptance Criteria
User authentication and role-based authorization are fully implemented.
Secure password encryption and session management.
Role-based access is verified for regular users and admins.
Meets all proposed security measures.
Tests are included for authentication and authorization flows.
Additional Info
Security Testing: Conduct thorough testing for vulnerabilities, including OWASP-recommended checks.
Password Recovery: Enable secure token-based password recovery and account management options for users.
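A possible `Program.cs` wiring for the items listed under Proposed Solution, added here as an illustration and not taken from this issue or the project's code. It assumes a .NET web project with implicit usings and the `Microsoft.AspNetCore.Identity.UI`, `Microsoft.AspNetCore.Identity.EntityFrameworkCore` and `Microsoft.EntityFrameworkCore.Sqlite` packages; `AppDbContext`, the `Identity` connection string, the `AdminOnly` policy, the `Admin` role and the `/Admin` folder are hypothetical names.

```csharp
// Program.cs: added example. AppDbContext, "AdminOnly", "Admin" and "/Admin" are assumed names.
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Identity.EntityFrameworkCore;
using Microsoft.EntityFrameworkCore;

var builder = WebApplication.CreateBuilder(args);

// Identity tables (users, roles, claims) are stored in a local SQLite file.
builder.Services.AddDbContext<AppDbContext>(o => o.UseSqlite(
    builder.Configuration.GetConnectionString("Identity") ?? "Data Source=identity.db"));

// Passwords are hashed by Identity's built-in PasswordHasher<TUser>; no custom code.
// AddDefaultIdentity also registers the token providers used for password reset.
builder.Services.AddDefaultIdentity<IdentityUser>(o =>
    {
        o.Password.RequiredLength = 12;
        o.Lockout.MaxFailedAccessAttempts = 5;                       // slow down guessing
        o.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(15);
    })
    .AddRoles<IdentityRole>()
    .AddEntityFrameworkStores<AppDbContext>();

// Session cookie: not readable by script, HTTPS only, bounded lifetime.
builder.Services.ConfigureApplicationCookie(o =>
{
    o.Cookie.HttpOnly = true;
    o.Cookie.SecurePolicy = CookieSecurePolicy.Always;
    o.Cookie.SameSite = SameSiteMode.Lax;
    o.ExpireTimeSpan = TimeSpan.FromMinutes(30);
    o.SlidingExpiration = true;
});

// Razor Pages validates anti-forgery tokens on POST handlers by default. HTMX requests
// carry no hidden form field unless one is posted, so they send the token in this header.
builder.Services.AddAntiforgery(o => o.HeaderName = "RequestVerificationToken");

builder.Services.AddAuthorization(o => o.AddPolicy("AdminOnly", p => p.RequireRole("Admin")));
builder.Services.AddRazorPages(o =>
{
    o.Conventions.AuthorizeFolder("/");                    // deny anonymous by default
    o.Conventions.AllowAnonymousToPage("/Index");
    o.Conventions.AuthorizeFolder("/Admin", "AdminOnly");  // admin pages need the role
});

var app = builder.Build();
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();   // must run before UseAuthorization
app.UseAuthorization();
app.MapRazorPages();
app.Run();

public class AppDbContext(DbContextOptions<AppDbContext> options) : IdentityDbContext<IdentityUser>(options);
```

The primary-constructor syntax on `AppDbContext` needs C# 12; the role-based acceptance criterion can be tested by requesting a page under `/Admin` as an anonymous user, a regular user and an admin and checking for redirect to login, access denied and success respectively.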