[BACKEND] Group password
Closed this issue · 0 comments
hn275 commented
Handling optional password for groups.
- Change Mongoose schema to include an optional password field.
- Password needs to be encrypted. (bcrypt)
- Differentiate private and public group.
- User validation, using
httpOnly
cookie so no client side JavsScript can access it:- API route needs to parse Cookie from headers, nookie can help.
- Redirecting user if Cookie expired/user not authenticated.
- Destroy Cookie when user log out (is there a logout feature?).