VikeLabs/Collabify

[BACKEND] Group password

Closed this issue · 0 comments

hn275 commented

Handling optional password for groups.

  • Change Mongoose schema to include an optional password field.
  • Password needs to be encrypted. (bcrypt)
  • Differentiate private and public group.
  • User validation, using httpOnly cookie so no client side JavsScript can access it:
    • API route needs to parse Cookie from headers, nookie can help.
    • Redirecting user if Cookie expired/user not authenticated.
    • Destroy Cookie when user log out (is there a logout feature?).