-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathauthentication.html
More file actions
122 lines (94 loc) · 6.16 KB
/
authentication.html
File metadata and controls
122 lines (94 loc) · 6.16 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
<!DOCTYPE html>
<html lang="en">
<head>
<title>Zamp Engineering Handbook</title>
<!-- Meta -->
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="All things Engg @ Zamp!">
<meta name="author" content="Xiaoying Riley at 3rd Wave Media">
<link rel="shortcut icon" href="favicon.ico">
<!-- Google Font -->
<link href="https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700&display=swap" rel="stylesheet">
<!-- FontAwesome JS-->
<script defer src="assets/fontawesome/js/all.min.js"></script>
<!-- Plugins CSS -->
<link rel="stylesheet" href="//cdnjs.cloudflare.com/ajax/libs/highlight.js/9.15.2/styles/atom-one-dark.min.css">
<link rel="stylesheet" href="assets/plugins/simplelightbox/simple-lightbox.min.css">
<!-- Theme CSS -->
<link id="theme-style" rel="stylesheet" href="assets/css/theme.css">
</head>
<body class="docs-page">
<header class="header fixed-top">
<div class="branding docs-branding">
<div class="container-fluid position-relative py-2">
<div class="docs-logo-wrapper">
<div class="site-logo"><a class="navbar-brand" href="index.html"><span class="logo-text">Zamp
Engineering<span class="text-alt"> Handbook</span></span></a></div>
</div>
<!--//docs-logo-wrapper-->
<div class="docs-top-utilities d-flex justify-content-end align-items-center">
<ul class="social-list list-inline mx-md-3 mx-lg-5 mb-0 d-none d-lg-flex">
<li class="list-inline-item" style="padding-top: 10px"><a href="https://github.com/Zampfi"><i
class="fab fa-github fa-fw"></i></a></li>
</ul>
<!--//social-list-->
</div>
<!--//docs-top-utilities-->
</div>
<!--//container-->
</div>
<!--//branding-->
</header>
<!--//header-->
<div class="docs-wrapper">
<article class="docs-article" id="section-1">
<h1 class="docs-heading">User Management</h1>
<section class="docs-intro">
<h2 class="section-heading">Authentication</h2>
<p>It is the first and most important component of any platform. Authentication is to validate the user against the credentials provided by him.
It acts as the first line of defense to allow access to valuable data only to those who are approved by the organization. It is not only important for the owner of resources but also for user(legitimate) who is accessing those resources. </p>
<p>At Zamp, we are using <a
href="https://jwt.io/introduction"
target="_blank">JWT</a> based authentication. When a user requests Signs-up/Signs-in, an OTP is sent to the email address provided by the user, if OTP is validated, he is provided a JWT which is sent as an <a
href="https://cookie-script.com/documentation/httponly-cookies"
target="_blank">Http only cookie</a> in response to the API that validates the user's credentials. This JWT is used in every subsequent API request to Zamp to check if the user if <a
href="https://www.geeksforgeeks.org/difference-between-authentication-and-authorization/"
target="_blank">Authorized</a> to access the requested resources.</p>
<p><a href="https://github.com/Zampfi/banking/blob/main/authentication/authentication_service.go"
target="_blank">Authentication implementation</a></p>
</section>
<section class="docs-section" id="item-1-1">
<h2 class="section-heading">User Sanity Middleware</h2>
<p>When a user Signs-up, a merchant is created for him and a User-Merchant relation is established. A user must be associated with a merchant to perform any action on Zamp platform.</p>
<p>The relation that is established between a User and Merchant is validated in every subsequent API request made to Zamp after a user Signs-up. The validation of this relation is termed as User sanity.
And the piece of code that performs this check is called User Sanity middleware.</p>
<p><a href="https://github.com/Zampfi/banking/blob/main/b2buser/middleware/user_sanity_middleware.go"
target="_blank">User Sanity implementation</a></p>
</section>
<!--//section-->
</article>
<footer class="footer">
<div class="footer-bottom text-center py-5">
<!--/* This template is free as long as you keep the footer attribution link. If you'd like to use the template without the attribution link, you can buy the commercial license via our website: themes.3rdwavemedia.com Thank you for your support. :) */-->
<small class="copyright">Living and Breathing Handbook maintained with <span
class="sr-only">love</span><i class="fas fa-heart" style="color: #fb866a;"></i> by <a
class="theme-link" href="https://www.zamp.finance/team" target="_blank">Zamp Engineering
Team</a></small>
</div>
</footer>
</div>
<!--//docs-wrapper-->
<!-- Javascript -->
<script src="assets/plugins/popper.min.js"></script>
<script src="assets/plugins/bootstrap/js/bootstrap.min.js"></script>
<!-- Page Specific JS -->
<script src="assets/plugins/smoothscroll.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.15.8/highlight.min.js"></script>
<script src="assets/js/highlight-custom.js"></script>
<script src="assets/plugins/simplelightbox/simple-lightbox.min.js"></script>
<script src="assets/plugins/gumshoe/gumshoe.polyfills.min.js"></script>
<script src="assets/js/docs.js"></script>
</body>
</html>