Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add token invalidation for user #30

Open
Vec7or opened this issue May 19, 2021 · 3 comments · May be fixed by #52
Open

Add token invalidation for user #30

Vec7or opened this issue May 19, 2021 · 3 comments · May be fixed by #52
Assignees
@Vec7or
Labels
enhancement New feature or request not in scope This issue will not be done during the timeframe of the bachelor's thesis

Comments

@Vec7or
Copy link
Contributor

Vec7or commented May 19, 2021
edited
Loading

Add functionality which invalidates all authentication tokens of a user after the password of said user has been changed. This drastically improves security since the user will be logged out from all other devices. This is particularly useful if a user has been compromised.
@Vec7or Vec7or added the enhancement New feature or request label May 19, 2021
@Vec7or Vec7or added this to the End of Construction milestone May 19, 2021
@Vec7or
Copy link
Contributor Author

Vec7or commented Jun 3, 2021

Return of GraphQLException currently not possible within interceptor. Pull request is open: ChilliCream/graphql-platform#3783

Vec7or pushed a commit that referenced this issue Jun 3, 2021
#30 Added invalidation
bb09675
Vec7or pushed a commit that referenced this issue Jun 3, 2021
#30 Fix lazy loading
8f15de1
Vec7or pushed a commit that referenced this issue Jun 3, 2021
#30 Decouple user state
3ebe4d4
Vec7or pushed a commit that referenced this issue Jun 3, 2021
#30 Add tests
6d58863
@Vec7or Vec7or linked a pull request Jun 3, 2021 that will close this issue
Enhancement/token invalidation #52
Draft
@Vec7or
Copy link
Contributor Author

Vec7or commented Jun 3, 2021

Pull request for v11 was created: ChilliCream/graphql-platform#3787

@Vec7or Vec7or modified the milestones: End of Construction, Submission Jun 7, 2021
@Vec7or Vec7or added the not in scope This issue will not be done during the timeframe of the bachelor's thesis label Jun 7, 2021
@Vec7or Vec7or removed this from the Submission milestone Jun 7, 2021
@Vec7or
Copy link
Contributor Author

Vec7or commented Jun 7, 2021

The functionality has been implemented inside the branch Enhancement/token-invalidation and is theoretically ready for merging. Unfortunately there is a bug in HotChocolate which prevents the correct error messages from being returned to the user. This behavior was fixed with ChilliCream/graphql-platform#3787 and has already been implemented into their main-Branch. Unfortunately no Nuget-Package is yet available containing this change. Therefore the merging of said branch has to be postponed until a Nuget-Package containing the needed changes is available.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Vec7or Vec7or

Labels
enhancement New feature or request not in scope This issue will not be done during the timeframe of the bachelor's thesis
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Enhancement/token invalidation Pronto-AG/Pronto-MIA-Server
1 participant
@Vec7or