-
Notifications
You must be signed in to change notification settings - Fork 9
Authentication Methods
I see 2 possible ways we could handle authentication.
- API Keys
- User ID and password
There are a number of decisions that API keys would answer for us. For example, an API key would force us to use stateless connections. A stateless connection type is in turn best served by a REST type interface. Also, it would simplify the server side programming. The server would essentially just check authentication and then serve the request. Pathing would be handled on the client side.
Key generation doesn't matter at this point and would probably be too complicated to implement anyways. The easiest thing to do would be to load a key from a config file and use that directly as the API key.
The most common method that seems the most intuitive. Doing it right is difficult, but getting it working is easy. This would also allow us to use stateless or stateful connection types. This complicates the server side programming as we would then need to manage session states.
information from class would suggest that we are thinking about a stateful connection. User ID and Password may be the better approach.
Password Requirements:
- Must change password every 60 days
- Must have at least one alphabetic character
- Must have at least one number
- Must have at lest one special character(!, #,$,etc..)
- Password must be at least 8 characters long
- username and password is hashed, sent, and de-hashed
- Home
- Course-Related Materials
- Development Environment
- Development Workflow
- Packages
- Guides
- Team Pages